06 Jul 2017

Jason Pierre-Paul had it good. He was drafted by the New York Giants in the first round of the NFL draft and agreed to a 5 year $20.5 million deal. He lived up to his expectations and was a key player for the Giants until 2015. Pierre –Paul plays defensive end, which means he uses his hand to balance himself before every play starts. Not only that, but all players use their hands to tackle and shed blocks. That’s why when a firework blew up in Pierre-Paul’s hand on July 4th, 2015, his career was put in serious jeopardy. Given the lack of football news during the summer, sports news companies jumped on the story. In the competition for information, one well-known reporter named Adam Schefter tweeted a picture of Pierre-Paul’s medical chart.

Everyone in the medical field just cringed at the thought of having a patient’s information tweeted out because of the clear HIPAA violation. Fortunately for ESPN reporters aren’t regulated HIPAA, but that doesn’t mean that there were no repercussions. This month Pierre-Paul and ESPN settled a lawsuit, and that was good news for them.

When it comes to HIPAA, it’s not a matter of if, but when you’ll make a mistake. Healthcare providers handle too many electronic health records (EHRs) to be perfect, add hackers and human error to the mix and you have inevitable mistakes. The good news is you decide how big the ripples from you and your co-workers or employees will be.

ESPN got lucky, but not everyone is so fortunate. Take the recent Verity Health System breach as an example. The California healthcare provider operates six hospitals and employs 8,000 people, which leaves tons of room for error. Of course, an organization of that size runs several websites and relies on technology. But hackers didn’t have to sit back and observe Verity and find a vulnerability because they left one right out in the open. Verity stopped using one of its websites but never shut it down, leaving a doorway to their patient’s information out in the open. The results weren’t pretty, over 10,000 patients had their records exposed in a breach that took place in October 2015. Fortunately, social security numbers and full credit card numbers weren’t accessible, but that doesn’t mean Verity won’t be paying for their lapse. Full names, addresses, phone numbers, emails, date of births, and the last four digits of credit card numbers were accessed. Of course, Verity is paying a fortune for things like credit monitoring for affected patients, but they’ll also be losing money for years thanks to their damaged reputation.

As you might have guessed all this could’ve been avoided or had a smaller impact. Obviously, if Verity shut down their website there wouldn’t have been a hack, but they still could’ve lessened the number of patients affected by simply finding the site. The hack took place in 2015 and they just found it last month.

When it comes to healthcare and HIPAA, it’s only a matter of time until you or an employee makes a mistake like posting compromising information on social media or forgetting to shut down a site and leaving it up for years. Still sounds like it will never happen to you? In some cases, even something as simple as calling out a patient’s full name in a waiting room can be a HIPAA violation. People make mistakes, but that doesn’t mean they have to kill your business. If you know the ins and outs of cybersecurity and HIPAA not only will you be able to avoid most of the mistakes people make, but you’ll be able to spot the mistakes you do make before they turn into disasters.

Schedule an Appointment

Schedule an Appointment

    Our clients are awesome!

    Based on 55 reviews.
    Jeremy Richards
    Jeremy Richards
    2020-03-13
    Petronella provides great advanced digital marketing and automation solutions for my business!
    Kate Swenson
    Kate Swenson
    2020-02-14
    Highly recommended for CMMC certification assistance! Excellent and affordable options for secure data hosting on local infrastructure. 5 stars!
    Tom Matzen
    Tom Matzen
    2020-01-25
    Petronella Technology Group helped us setup our sales and marketing automation, cybersecurity and compliance for our new Blockchain startup. Great to work with! Craig in particular really knows his stuff, can translate into non-tech speak, and has wisdom beyond his years. Highly recommend them.
    Justin Summers
    Justin Summers
    2020-01-14
    Craig is awesome! He is very professional and efficient with his work. I would definitely recommend Petronella Technology to anyone who needs state of the art service.
    Blake Rea
    Blake Rea
    2020-01-14
    Craig is an expert in his field. Impressed by his knowledge, A true pioneer in Cybersecurity. My business is safer thanks to Petronella Tech!
    Robert Friedman
    Robert Friedman
    2020-01-10
    For the last five years Craig has been the Contributing Editor for Cybersecurity for NC Triangle Attorney Law Magazine which I publish. His base of knowledge is always leading edge, pragmatic and early to understand for our readers who are not techies. He is patient and easy to work with.
    Tammy Everett
    Tammy Everett
    2020-01-10
    Craig Petronella, CEO of Petronella Technology Group provided the members of the Defense Alliance of North Carolina expert advice on cybersecurity and NIST compliance. Eye opening experience! Thanks so much!
    Julie Brown
    Julie Brown
    2020-01-09
    Craig and the Petronella Technology Group, Inc. team made HIPAA compliance for my small practice so simple and easy! They helped me with all of my HIPAA training, HIPAA Security Risk Assessment, Penetration Test, and HIPAA secure hosting so I can rest easy.
    Pivot Point
    Pivot Point
    2020-01-03
    Petronella Technology Group helped us with our marketing strategy for our new web startup. Awesome experience!!!!
    Richard Brunet
    Richard Brunet
    2019-12-30

    SCHEDULE AN APPOINTMENT

    Make It Happen Now

    CLIENT SUPPORT

    Don't Feel Stranded

    CONSULTATION

    Get Best Advice

    PAYMENTS

    Make A Payment

    Top