Posts

Stethoscope and pen above HIPAA compliance paperwork

HIPAA Compliance: Not Just for Doctors

Just as the title above suggests – contrary to popular belief, doctors and hospitals aren’t the only ones bound by HIPAA law. HIPAA was created in 1996 to ensure an individual’s health record was theirs to share and theirs alone. Thereby, HIPAA law extends to any organization involved with an individual’s medical records, including:

 

● Health Insurance Providers
● Doctors
● Clinics
● Hospitals
● Nursing Homes
● Mental Health Specialists
● Pharmacies
● Dentists, Orthodontists, and Oral Surgeons
● Any Business or Entity Sharing Medical Records with These Organization

 

As such, HIPAA law enforces the obligation of these organizations to steadfastly protect the privacy, security, and accuracy of all medical records entrusted to them. Nerds Support is vastly familiar with all aspects of HIPAA law, including the following aspects: The HIPAA Privacy Rule – sets limits on the handling and disclosure of any and all medical records without prior knowledge, understanding of, and approval from the patient. This rule also allows individuals to have access to their medical records to ensure complete awareness and accuracy of their contents. HIPAA Compliance for Business Associates – extends HIPAA law to cover not only the original definition of an “HIPAA-Covered Entity,” but also to any and all business associates with whom they share medical records. This newer aspect of HIPAA law ensures coverage over every organization who keeps medical records for any reason. HIPAA Security Rule – governs practices for how medical records may and may not be saved and shared. 
One of the largest undertakings in the medical industry as a result of this rule is the current universal conversion of all patient medical records from the original paper method to electronic data. 
As a result, organizations operating under HIPAA law must take austere measures to ensure strict HIPAA compliance with all medical data, leaving no stone unturned to minimize risk between data transfers and storage. HIPAA Omnibus Final Rule – the newest rule under HIPAA compliance law. According to Hitech Answers, the modifications within this rule are intended to: 
● Make business associates of covered entities directly liable for compliance with certain of the HIPAA Privacy and Security Rules’ requirements. Strengthen the limitations on the use and disclosure of protected health information for marketing and fundraising purposes, and prohibit the sale of protected health information without individual authorization. 
Expand individuals’ rights to receive electronic copies of their health information and to restrict disclosures to a health plan concerning treatment for which the individual has paid out of pocket in full. 
● Require modifications to, and redistribution of, a covered entity’s notice of privacy practices. 
● Modify the individual authorization and other requirements to facilitate research and disclosure of child immunization proof to schools, and to enable access to decedent information by family members or others. 
● Adopt the additional HITECH Act enhancements to the Enforcement Rule not previously adopted in the October 30, 2009, interim final rule, such as the provisions addressing enforcement of noncompliance with the HIPAA Rules due to willful neglect. 

 

Is your organization adequately prepared to stay within HIPAA compliance law? 

 

Nerds Support is
Don’t be just a number with Nerds Support!

 

With our IT Support Miami team you get personalized 1-1 support in 12 minutes or less.

 

Your nerd is
a call away
305-551-2009
 

A flat lay consisting of a notebook, laptop, watch, notebook, and coffee

Miami Cloud Solutions Assessment For Business Owners

Get Your Free Report Today

Before Migrating Your IT to the Cloud, Be Sure to Read These Five Important Facts First!

With so many cloud computing solutions out there, how do you know which one is right for your business, and when the right time to make the switch is? This absolutely free report will give you the insight and information you need to make the right decision about migrating your business technology to the cloud, so you don’t end up spending time and money on a solution that’s not right for your unique needs.

Find out the answers to these common questions and more:

  • What exactly is cloud computing, and how can it save my business money over my current server-based network?
  • What are my choices when it comes to cloud computing, and which solution is right for me?
  • How much money can I expect to save by switching to the cloud?
  • What are the most important questions I should ask my computer technician before getting started?
  • What are the critical facts I should know about data hosting and the security of sensitive information?
  • What’s in the fine print when it comes to migrating my technology to the cloud?

Testimonial

testimonial“Working with Nerds Support and Scott has been fantastic! With their proactive approach to IT we rarely have network or PC problems. Any little problem is fixed immediately and this keeps productivity high. Any organization, no matter how many work stations, will benefit greatly from Nerds Support services.”

A cloud team is brainstorming creative ideas in a table with stickers

How Cloud Solutions Can Help Grow Your Startup in 2019

Startups might begin small, but when successful, they evolve. And in this century, it’s necessary to scale technology as business operations and processes get more complex, staff grows and clients demand more.

But choosing the right tech solution for your business at such an early stage can be a challenge as you can’t tell the future and there’s no way to know with certainty the many ways your company will change over time.
Ideally, you’ll want a technology platform that grows with you and adapts to your business’ needs as it expands and transforms. And your worst fear as an entrepreneur might be that you’ll need to spend thousands of dollars in tech that can give you an edge over the competition.

Still, in 2019 you won’t need the budget of a big corporation to take your business to the next level. You just need the right tools to build your empire’s foundation. And in this day and age, all of these tools can be found in the cloud.

Here’s how cloud computing services can help propel your business to newer and higher levels.

Working Remotely from Anywhere

Cloud computing is an all-encompassing, powerful solution that provides flexibility to its users and increased productivity for businesses. Most companies have migrated some or all of their in-house technology to a cloud environment and have reduced operational costs, gotten a better return on their IT investment and can now work from anywhere in the world.

Cloud computing makes collaboration among employees not only possible, but efficient. It’s estimated that over 3.7 million employees work from home at least half of the time. This means working from home is fast becoming a common practice. For a start-up, saving money on the overhead costs is a critical financial benefit. Working from the cloud provides the necessary cloud infrastructure for startups to support a flexible, collaborative and productive work space that is independent of a physical location.

But with that ability, comes the need of having to be extra careful when we access our company’s virtual workplace or web platforms. A cloud-managed wireless access point allows you to keep track of what your employees do while using the cloud-based workplace. You can see what apps they use, the documents they work on, among other things that will allow you to be a more effective manager.

Monitoring your employees’ use of company software and platforms is important for security reasons, as it’s possible one of them connects via a compromised single access point and enable hackers to see confidential data.

Minimal IT Infrastructure Upkeep

Simplifying doesn’t mean the same as downsizing. With the cloud, scalability and growth come faster because you don’t need to maintain your own servers and can opt for managed services that will make your life easier.

This means that all of your critical business applications and servers will be hosted in an offsite data center, your infrastructure will be monitored by expert IT technicians, and you can return your focus to managing your business instead of wasting time worrying about maintaining your IT infrastructure.

Better Security and Compliance

If your business uses email to communicate or is based on the web, you are at risk for online threats. From viruses and malware, to spam and phishing attacks, to Man in the Middle and DDoS attacks, there’s a plethora of things hackers can do that can do serious damage to your company.

Top 5 Biggest Company Data Breaches

And while you think you’re safe using unprotected systems and networks, your email system or business website are probably not as secure as you think. Managed IT services in the cloud can reduce your risks for online threats and ensure data compliance.

Talking about compliance, if you are a government or healthcare industry contractor, you’ll find that you’ll be required to implement stricter compliance measures to safeguard sensitive data. Working with cloud solutions will reassure your clients (whether in the private or public sector) that you take the security of their data (and their business) seriously.

Your Business Online 24/7

It goes without saying that, when the applications and data that support your business are in the cloud, you will be able to access whatever you need to keep things running from anywhere, and at any time. You’ll also enjoy 24/7 IT support and services for an affordable monthly fee. You don’t need a full, in-house IT department to run your small business like a big corporation.

Business Continuity Planning

Whether it’s human error or a major natural disaster, all businesses are vulnerable to downtime, data loss and even worse, cyber attacks. The one thing you can do to protect your business from critical situations is to have a business data backup and recovery plan in place. Not all data backup and recovery plans are created equal though. So, working with disaster recovery experts is the safe bet.

Less Costly Business Solutions

Services such as VoIP phone systems, productivity applications, team collaboration software, remote desktop access, virtual work machines, website hosting, business automation, and cyber security come at a fraction of the price when it’s all managed from the cloud. Also, cloud solutions are highly customizable, which is exactly what businesses need when they’re starting up.

This is why for most entrepreneurs cloud solutions represent infinite possibilities and unlimited business growth. Startup founders know the value of sticking to the philosophy of doing more with less, as it’s how most of them thrive in a dog-eat-dog world where big, Goliath-like businesses and corporations have an unfair advantage over the Davids of the world.

Cloud Startups Focus on Clients

The cloud provides for a more client focused interface that helps startups operate professionally and in a strategic manor, which could take years using internal IT. The cloud by design provides business with a system that is easy to use.

For any startup, the initial focus should be on your business and product. If you have a novel and unique idea that you intent to capitalize on, occupying valuable time on IT infrastructure and maintenance should not be the priority.

Competitive Edge

Over 60 percent of all businesses fail within 5 years due to several factors. Two key reasons are both rigidity and poor internet presence. Once a company initiates a business plan and gains clients it must sustain those clients and keep them loyal to the service or business itself. Gaining a customer base is different from keeping one.

Succeeding as a startup requires constant monitoring of the market, novel adjustments to your business plan if needed and being on top of new trends within your industry. All of these require unrelenting concentration that is often lacking.

Startups and business owners are exposed to a constant flurry of problems created by the daily responsibilities involved in the upkeep of their business. IT related issues are a laborious, time-consuming hindrance that wears down any emerging startup before it has the opportunity to grow to its full potential. A cloud service provider would relieve the growing business of the stresses associated with developing an internal IT infrastructure, leaving you to focus on what your business needs most.

And if it isn’t done by you, it’s being done by someone else. Emerging industries and start-ups are relying on cloud based services to increase their competitive edge. Major industries from banking to streaming services are adopted one version of the cloud or another.

In order to grow companies across the globe are catching up to the technological boom that has grown since the early years the internet. In order keep a competitive edge over other companies in your field, the cloud has to become a part of any startup’s business model.

If you’re still not sure what type of solutions your startup needs to get off the ground, contact the Cloud Computing engineers at Nerds Support for a free consultation. During this consultation we will check your infrastructure and do an IT assessment.

Working Remotely During the Holidays

Cyber Security Tips: Working Remotely During the Holidays

Working Remotely

Whether we’re new to working remotely or veterans, whether we’re addicted to our jobs or unwilling slaves to our work, most of us don’t know the risks involved with this practice when we’re traveling and connecting to work computers and accounts via unsecured networks and personal devices.

Because most companies deal with sensitive information, they limit the access to their own computer networks and platforms to minimize threats like phishing, malware (viruses, worms, spyware, ransomware, etc.), Man in the Middle and DDoS attacks, and even computer theft!

You might think your organization’s CIO or CTO is a bit paranoid for treating you and other employees like security threats, but you’d be surprised to know that this is not far-fetched. In fact, it is likely that if a data breach or cyberattack happen during the holidays, you or a low-tier coworker might be partly responsible even if you’re unaware as to how this could happen.

According to the CEO of Nerds Support, Scott Richman, all businesses should have a relationship with a professional, established IT firm. “What we’re finding is that most of them do have relationships with IT personnel but are not educating them about the risk that remote users pose”, confessed Scott.

Implementing just a few of these practices will make the IT team at your company respect you a little bit more. So, here are some tips on how to work remotely the right way, in complete compliance with cyber security preventative practices.

Secure All Your Devices

This might be a tedious and time-consuming task, but it’s something that is absolutely necessary to prevent hackers from gaining the upper-hand! Below, you’ll find advice on what you could do to limit access to personal data in your device.

  • Enable 2FA: To enable two-factor authentication, we might need to access both or personal and work accounts and follow the instructions that each platform provides. You could also use an authenticator app (like Authy, Duo Mobile, or Google Authenticator).
  • Enable Remote Wipe: To set up remote wipe on your Android, Apple or Windows mobile device, first you’ve got to go to Settings, turn on the Find My Phone feature, and then active the erase device command in your phone.
  • Encrypt your Hard Drive: In Mac, you just need to turn on the FileVault, and in PC, turn on BitLocker.

Scott says the biggest problem the NS team finds is that there is no process in place. Sometimes, when users remote-wipe their work device, it’s already too late because too much time has passed. That’s the benefit of working with an IT team: they have emergency security protocols in case these things happen and will act fast to minimize the threat.

Connect to the Internet Safely

When working remotely, avoid public Wi-Fi/hotspots and use a VPN service if you absolutely need to connect from an unsecured network and get some work done ASAP. If you have the budget, you could also purchase your own mobile router and configure the network’s settings, or you could enable your personal mobile hotspot with your cellphone wireless provider (most big telecommunications companies can enable this feature on smartphones).

Communicate Securely

One thing that will help avoid data leaks is using secure videoconferencing and messaging apps, like Signal and WhatsApp. Here’s another practical tip: if you deal with company trade secrets or sensitive data, avoid talking about work in public spaces (remember: IRL there’s no such thing as a “cone of silence”, and people WILL be listening regardless they want to or not).

According to Scott, company communication should not be discussed in a public marketplace where anyone could misappropriate the intellectual property of your business. This happens to entrepreneurs often. They let their guard down while discussing their start-up ideas with their prospective clients over delicious coffee, and just like that, their new business concept has been stolen.

Use Productivity/Team Collaboration Apps Setting Up User Permissions

Your boss might ask you to use time tracking or task management apps, or to be “online” at all times so he/she can know if you’re actually working. However, you must know something: even though these tools maximize productivity, they could be detrimental for your company’s security.

Don’t assume these platforms are completely safe, as that would be a big mistake! It’s important that you keep high-security standards when using collaboration apps. That way, you will avoid revealing sensitive company and client data to malicious hackers.

Take a look at the security settings of the apps you’re using for team collaboration and project management and take the time to make your account harder to get into. Also, Scott recommends to validate any product that you use online. Check if they’re compliant with the latest security practices, and that they maintain their software and patch the bugs regularly.

Safely Access Your Work Email

Only send emails to co-workers who have company email addresses. For example, if your company is using G-Suite, don’t send personal or work emails from that G-Suite account to people outside the company network.

One of the biggest cyber security threats right now is phishing, as the techniques and methods have gotten more and more sophisticated with the years. Malicious emails are now more realistic than ever.

Scott especially warms about the dangers of phishing and spearfishing. “You’ve got to make sure that the person who’s emailing you is who they say they are. Any invoices you receive, claims of donations, or any prompts to reset the password to your bank account are all red flags, and you could be sending your personal and banking information to a hacker who could end up being able to access your governmental and financial records.”

Promote Remote Work Best Practices, Ensure Compliance!

Remember, promoting cyber security practices and cyber threat awareness is the best strategy to prevent embarrassing situations like data leaks. Train your employees, vendors and contractors on cyber security best practices, which include using strong passwords and password managers, turning off social logins (via Facebook and Twitter), set up or strengthen the spam filter on both your personal and work email, installing anti-malware software, and setting up a secure browser like Chrome with extensions like HTTPS Everywhere, Password Alert and uBlock Origin.

Also, remind your fellow employees with access to sensitive/valuable data to enforce these security measures, so everyone in your team can be safe from cybernetic threats.

Additional Remote Working Tips for the Holidays

Santa is making a list and checking it twice, and so are hackers. Don’t forget that. Just remember these tips, and never, EVER use personal, unmonitored devices to connect to company websites or access company data!

Scott’s final recommendation, said in a joking manner, is that if you don’t feel like you have any security measures in place as a remote worker, then just quit the Internet altogether. “It’s truly the only way you’ll be 100% safe from online threats”, said Scott while laughing.

If you must or need to work remotely and want to do it the right way, talk to us. We’ll help you set up a secure remote work environment (a “Workplace”, if you will) so you can safely access your work apps, files and website accounts, no matter where you are!

Contact us for more information on the cloud, cloud security and remote work.

""

Is Your Miami Business Vulnerable to Cyber Security Risks?

Technological advancement has not only brought a drastic change in the regular operations of any Miami organization but it has also exposed it to cyber-attacks. Through attacks like spear phishing via Email and hacking of network, it has the capability from affecting the business of any company to exposing top secret data of any company.

Some of the cyber security vulnerabilities for your Miami business are:

No Cyber Security Policy: Cyber-attacks have increased exponentially in the recent years capable of affecting each and every company out there. Not having a proper well documented cyber security policy and not involving employees in it can expose your organization to massive financial repercussions in case of a security breach.

Sensitive Data Exposure: In most cases, this is what cyber mafias look out for. They try to hack your system network to steal, damage or modify sensitive data like company policies and user information that has the potential to shake up and halt your business proceedings.

Security Mis-configuration: Clumsy mistakes by users or employees can expose cyber security for hacking. When employees or users use default passwords, run outdated or unnecessary applications then these become an easy target for even low-level hackers.

Weak Authentication: Broken authentication is one of the most common cyber security vulnerability. When encrypted data are exchanged online say, by logging in, then that data is vulnerable to theft. In most cases, hackers target weak areas in authentication and session management which occur between any two systems for exchange of package. If data is encrypted poorly, hackers using techniques like Man-in-the-Middle can intercept and decipher any data sent by a user.

Aging infrastructure: Having outdated hardware can expose your system to cyber-attacks since it may be incapable to install latest security patches for the software in it. Using obsolete software which requires older versions of plug-ins can also make your system network vulnerable to cyber-attacks.

Though strengthening the defense system of your organization against cyber-attacks in a short span of time may not be viable but prioritizing the cyber issue and investing on it is a must. Its long-term benefits are immense.