Three weeks ago Internet users were notified en masse that a security vulnerability had been discovered in OpenSSL, a widely-used piece of open-source software that helps securely transport information around the web. The so-called Heartbleed bug forced healthcare IT vendors across the industry to perform internal forensic analyses to check whether they were sending vulnerable PHI across various internal and external networks.
Just one week later Microsoft announced that it had discovered a serious security vulnerability in its Internet Explorer browser. The issue was so severe that it prompted the federal government to tell citizens to use another browser until the flaw had been corrected. Once again, health IT vendors had to perform HIPAA-mandated security risk assessments to measure the severity and scope of the security incident.
Keeping the April security flaw theme going, just last week yet another vulnerability was discovered in a tool that many people use every day. The “Covert Redirect” vulnerability in OAuth, an open-source log-in tool used by such Internet titans as Facebook and Google, allows hackers to steal user data and gain access to secure websites. Again, vendors in the healthcare space with user-facing portals had to perform the same assessments to determine if their customer PHI had been compromised.
It was certainly an April to remember for health IT security professionals. Aside from countless hours of remediation and forensic efforts, these events should serve as a reminder of the risks associated with allowing a Business Associate to take custody of your patients’ PHI. Business Associate Agreements can be signed, and vendor assessments can be performed, but at the end of the day, you are placing yourself at the mercy of your provider’s security controls. And as the April security incidents have shown us, not even the vendors with the most painstaking security checks will be 100% secure.
Sometimes abstinence is the only means of prevention. Passing through the cloud avoids the Business Associate conundrum by never allowing your PHI to be stored or even passed through a vendor’s environment. How many assurance emails can you get from your IT vendors before it’s enough?
A lifelong communicator, this Tennessee native got his start in broadcast news before branching out into public media, corporate, communications, digital advertising, and integrated marketing. Prior to joining QliqSOFT as the company's first marketing team member, Ben shared his talents with organizations that include the University of Alabama, iHeartMedia, and The Kroger Company.