CTS Journal


Click on links or images below for complete articles.

Part 12 of our series on Best Practices

We are navigating our way into a new world these days. Rapidly changing health-related events around the world are having a major impact on the way we work and meet. In many cases, video conferences have now become the preferred method over face to face meetings.

But hosting an engaging, productive video conference can be challenging.

Here are some suggestions that can help.

Part 11 of our series on Best Practices

Much like the practice of medicine, cyber security in Canada, and around the world, is an evolving discipline. For this reason, there is no single "correct" approach that will safeguard your healthcare clinic from all threats. But there is much that you can do.

The Canadian Federal government has just announced a certification program based on an extremely helpful set of standards designed specifically to help protect small and medium businesses from a majority of threats. Businesses such as your medical clinic.

And best of all, it can be achieved with a modest amount of effort. Intrigued? Read on.

There was a time last year when people were asking whether Ransomware is really as much of a problem as it was a few years ago.

No longer.

This update shares what has been happening that has been giving cyber experts concern recently, together with some important steps that you can take to reduce the chances of your clinic from becoming a victim.

Part 10 of our series on Best Practices

Everyone knows that the more complicated and unique a password is, the harder it is for hackers to discover it.

But passwords must also be unique. Otherwise, one account that becomes compromised can cascade into a nightmare of a long list of compromised accounts. Including, perhaps some very important ones. Your clinic network or EMR, perhaps. Or your banking records.

So, how can you create complex passwords, are truly unique, and yet are easy to use? Here are two methods that can help

No, not really.

But this is a rather personal case study, because I received multiple email messages designed to look as if I had been. And all of them were criminal extortion attempts.

  • How do you know whether someone has hacked your account if you receive email messages like the ones I did?
  • Four steps your clinic can take to survive a similar attacks.

Part 9 of our series on Best Practices

Hidden in your clinic's network wiring closet, or perhaps on a shelf, is a critical component needed to safeguard your clinic's data. Your wireless router.

Here are eight steps that needs to be done in order to help ensure you are using the right equipment, and it is configured properly.

Today is International Privacy Day. And with this in mind, together with events taking place across the province over the coming week as part of "BC Aware", a major IT security awareness conference, here are some helpful materials, courtesy of Doctors of BC, that your medical clinic can use right now.

Part 8 of our series on Best Practices

  • What are the implications for private medical clinics in British Columbia?
  • If I know that my clinic only has to be compliant with PIPA, do I need to report a breach?

It has been a busy year since our last series of journal posts on clinic security. Thanks to work we have been doing with our healthcare clients in BC, we would like to update you on new developments and emerging best practice standards.

The emergence of ransomware as a worldwide issue reached its height in 2017, but it does not mean it has gone away. Worldwide ransomware attacks can be devastating. Could my clinic be affected? When I hear news of a massive attack underway, what can I do to protect myself?

  • Here is a presentation we gave while an attack was actually underway. What we presented during the meeting are practical, low-cost steps that can help mitigate the risks of becoming a victim.
  • How important is cyber-security to patient safety?
  • Lessons learned from a report in the British Medical Journal concerning the WannaCry ransomware attack on the British National Health Service.

Part 7 of our series on Best Practices

  • No "pwn" intended. How do I know whether someone has hacked a site where I have an on-line account?

The Doctors Technology Office sounded the alarm that ransomware "is spreading like the plague. Healthcare organizations must know that they ARE a target and will be attacked.". This post covers:

  • key information about the evolving and increasingly sophisticated nature of ransomware
  • what your clinic can do to decrease the chances of being attacked, and help recover from it, should this occur.

How can I protect access to my confidential accounts?

  • Lessons learned from the PharmaNet Breach.

Part 6 of our series on Best Practices

  • Four critical steps you can take to respond effectively to a clinic data breach.

Part 5 of our series on Best Practices

  • 10 ways to protect your clinic

Part 4 of our series on Best Practices

  • How your clinic can quickly assess privacy and security risks
    • Privacy and Security Checklist
    • OIPC Security Self-Assessment Tool

Part 3 of our series on Best Practices

  • 12 recommendations that arose from an audit of a medical clinic by the BC Office of the Information and Privacy Commissioner (OIPC).

Part 2 of our series on Best Practices

  • Put someone in charge.
  • Once you have done that, here are 10 practical steps to help clinicians comply with privacy legislation.

Part 1 of our series on Best Practices

We are complicated creatures of habit. We tend to do things, more or less, because that’s the way we have always done them. Your patient’s confidential information may be put at risk simply because staff may not be aware of what they must do.

A new report published by Tenable, a worldwide network security firm, assessed the state of cyber readiness to withstand an attack. Reported results from Canadian health care institutions is not good.

We are excited to launch our new website today, in the midst of announcing a comprehensive new range of privacy and data security services specifically designed to support the health care community in western Canada.