CTS Journal

Categories

  • What are the implications for private medical clinics in British Columbia?
  • If I know that my clinic only has to be compliant with PIPA, do I need to report a breach?

It has been a busy year since our last series of journal posts on clinic security. Thanks to work we have been doing with our healthcare clients in BC, we would like to update you on new developments and emerging best practice standards.

The emergence of ransomware as a worldwide issue reached its height in 2017, but it does not mean it has gone away. Worldwide ransomware attacks can be devastating. Could my clinic be affected? When I hear news of a massive attack underway, what can I do to protect myself?

  • Here is a presentation we gave while an attack was actually underway. What we presented during the meeting are practical, low-cost steps that can help mitigate the risks of becoming a victim.
  • How important is cyber-security to patient safety?
  • Lessons learned from a report in the British Medical Journal concerning the WannaCry ransomware attack on the British National Health Service.

Part 7 of our series on Best Practices

  • No "pwn" intended. How do I know whether someone has hacked a site where I have an on-line account?

The Doctors Technology Office sounded the alarm that ransomware "is spreading like the plague. Healthcare organizations must know that they ARE a target and will be attacked.". This post covers:

  • key information about the evolving and increasingly sophisticated nature of ransomware
  • what your clinic can do to decrease the chances of being attacked, and help recover from it, should this occur.

How can I protect access to my confidential accounts?

  • Lessons learned from the PharmaNet Breach.

Part 6 of our series on Best Practices

  • Four critical steps you can take to respond effectively to a clinic data breach.

Part 5 of our series on Best Practices

  • 10 ways to protect your clinic

Part 4 of our series on Best Practices

  • How your clinic can quickly assess privacy and security risks
    • Privacy and Security Checklist
    • OIPC Security Self-Assessment Tool

Part 3 of our series on Best Practices

  • 12 recommendations that arose from an audit of a medical clinic by the BC Office of the Information and Privacy Commissioner (OIPC).

Part 2 of our series on Best Practices

  • Put someone in charge.
  • Once you have done that, here are 10 practical steps to help clinicians comply with privacy legislation.

Part 1 of our series on Best Practices

We are complicated creatures of habit. We tend to do things, more or less, because that’s the way we have always done them. Your patient’s confidential information may be put at risk simply because staff may not be aware of what they must do.

A new report published by Tenable, a worldwide network security firm, assessed the state of cyber readiness to withstand an attack. Reported results from Canadian health care institutions is not good.

We are excited to launch our new website today, in the midst of announcing a comprehensive new range of privacy and data security services specifically designed to support the health care community in western Canada.