Phenomenal Networks Blog
for Healthcare Professionals


HIPAA Vice Tightens

By Dave Shepherdson, Phenomenal Networks.

It seems as if the HIPAA rules will finally get strengthened and also be more effectively policed. One of the big impacts is the exponential increase in the use of mobile devices both inside and outside healthcare institutions. With doctors being able to check EHRs even from the golf course, data security measures become paramount to staying within the HIPAA rules.

The omnibus final rule implementing many of the changes to the Health Insurance Portability and Accountability Act (HIPAA) was accepted for review by the Office of Management and Budget (OMB) March 24, finally moving to its final clearance hurdle, according to Susan McAndrew, Deputy Director for Health Information Privacy at U.S. Department of Health & Human Services’ Office for Civil Rights (OCR).

HIPAA mega rule in its ‘last clearance lap’

The mega rule combines four separate rulemakings: the changes to HIPAA’s privacy and security rules mandated by the HITECH Act; the new enforcement requirements and higher penalty requirements; the final regulations of HITECH’s breach notification rule; and changes to HIPAA to incorporate the Genetic Information Nondiscrimination Act (GINA).
How does Stage 2 dovetail with HIPAA?

Most healthcare organizations are not prepared for a privacy and security compliance review, according to a November HCPro survey, reports HealthLeaders Media. Of the more than 400 responding organizations, only 17 percent said they are fully prepared for a federal HIPAA audit, while 70 percent are “somewhat prepared” to be evaluated. The audits are designed to yield best practices, as well as areas of risk for health information breaches, according to FierceHealthcare. However, such “unpreparedness” to demonstrate HIPAA compliance could signal health records are not properly secure or private.
 Most not ready for HIPAA audits; data breaches abound – FierceHealthcare

HIPAA violations can be very expensive and the penalties are being dramatically increased. According to a recent Ponemon Institute report, it now costs the victim of a security breach $214 per compromised record and an average of $7.2 million per data breach event. A large part of the problem is that some business associates, although relatively familiar with HIPAA’s privacy rule, still are not as well versed in HIPAA’s security rule and the security breach notification requirements.

Failing to protect patient data could not only land a provider in legal hot water for violating HIPAA. It could also mean that the provider did not successfully attest to Meaningful Use, jeopardizing the provider’s ability to obtain–or keep–an incentive payment.

http://www.fierceemr.com/story/how-does-stage-2-dovetail-hipaa/2012-03-01#ixzz1sV7X1118

The costs of a HIPAA violation are not limited to the monetary impact. There are also potential business implications. Breaches involving more than 500 individuals are publicized on HHS’ website, known as the “wall of shame.” More than 400 entities have been added to the wall of shame since it was created in 2009. Apparently only 24 percent of the breaches on the wall of shame involved paper records; most involved electronic data on computers, electronic health records, and portable electronic devices. Only 7 percent were due to IT hacking; most of them were caused by human error, such as theft or loss of the equipment.

Are your systems HIPAA compliant?

All Things Outdoors

By Dave Shepherdson, COO, Phenomenal Networks.

 Minnesota has some of the most scenic and beautiful forests and lakes in the US (Not that I am biased of course). Coming from a continent where the wild outdoors provides a complete break from the frenetic industry I chose to be in, it is great to be able to retreat to the great Northern Minnesotan Woods and get a sense of balance back in my life.

 I was fortunate to be able to lease some land right next to the Superior National Forest, some 20 miles from the nearest town and 5 miles from any highway. On a cloudless night you can see satellites streak across the sky and hear the coyotes howling. All twelve months provide a haven whenever I am able to take a break.

 Now the point of this story is that I did not chance on this location – When I go up North I am invariably on my own, and since I had a heart attack 6 years ago, I need to make sure I can get to a Hospital that can take care of me should it happen again.

I chose this area as the nearest town has a hospital that belongs to the same group that saved my life. If I have an emergency I can either drive or activate the Personal Locator Beacon and know by getting to this hospital they can immediately get my Electronic Medical Records including digital scans from the Metro Hospital via a high speed link.

 I might be relaxing as far away from technology as possible but I am certainly relying on it to save my life should the need arise.

Wireless security – big HIPAA impact

By Dave Shepherdson, COO, Phenomenal Networks

A hospital environment is required to be both HIPAA and PCI compliant: HIPAA to safeguard your personal medical information and PCI to protect your credit card details when the hospital processes a transaction.

Phenomenal has some of the largest wireless installations in the Health Management environment in Minnesota. One of our major concerns for our customers is the ease with which you can crack WEP (a no-brainer really) and, harder but not invulnerable, WPA.

I have spent the last couple of days seeing how a non-technical person would be able to crack wireless security, and it is scarily easy. All the open source tools necessary to capture transmitted encrypted wireless packets are readily available. Once that is done, a brute-force password-cracking program is run. Now consider the number of permutations the program needs to calculate: it would take a massive amount of computing power to do so.

Again, the Internet makes it very easy – for $19.00 you can upload the network capture to a cloud infrastructure and you are guaranteed the password within 24 hours.

Bottom line - you may think that your wireless infrastructure is safe, but the reality is that it can be hacked very easily.

How 8 minutes equates to $12,902,400.00

By Dave Shepherdson, COO Phenomenal Networks

I have been working in a high-volume retail environment for fun over the last four months. A very conservative figure of 8 minutes per hour is dead time: not reading Stephen King, but spending unnecessary time obtaining information relevant to closing a potential sale. The number of people on a shift is normally 8 and each shift is eight hours, so taking those figures and reducing to round numbers, an average of 1 hour per day is unnecessarily lost. That lost hour could be used to close two deals, each worth an average of $400.00.

Let us be conservative again and say that only one additional deal is closed and that only 50% of the staff are able to make one additional sale in the hour gained per day.

Do the math – with 32 stores Nationwide, the money really racks up – wonder if I would get 10% of the money I could save the company.

The Smart Revolution

by Dave Shepherdson – COO, Phenomenal Networks

Steve Jobs can be credited for creating consumer devices that transitioned into the corporate workspace at light speed.

The capabilities of Smart phones and tablets, which were initially adopted en masse by consumers, driven by both content and applications, have forced business corporations to adopt the capabilities enabled by these devices. IT departments are scrambling to retain some control over the usage of these devices by people who enter their enterprises on a daily basis.

Employees are no longer satisfied by the experience delivered by current IT infrastructure, when they can access what they want, when required and at speeds far exceeding that delivered over the corporate LAN/WAN.

Employees are also questioning why they have to wait for the IT department’s approval to roll out a productivity tool when it can be readily purchased on-line and implemented by the users themselves.

The magnitude of the challenge faced by IT departments is that the Smart Phone and Tablet are now ubiquitous, and regardless of whether the user is an employee or a visitor, IT departments are walking a tightrope between managing user expectations and addressing real security concerns. More to follow.

Friend or Foe

By Dave Shepherdson, COO, Phenomenal Networks

The number of shoppers out over the Black Friday weekend ranges from 74 million to a high of 152 million.

A statistic worth noting: “60 million: Estimated number of smartphones that’ll be used by shoppers over Black Friday weekend; some 21 million of those consumers plan on making purchases via smartphones over the weekend.”

Read more:

http://moneyland.time.com/2011/11/24/black-friday-2011-by-the-numbers/#ixzz1henCfA2Q

I was one of the many shoppers out looking for a deal – this time I was looking for the best deal on a phone, but the very last requirement was that it needed to be able to make a call and receive e-mail; that was a given.

What I really wanted was a Tablet experience, so I could read a book, watch a rerun of “The Closer”, use a GPS app in the Northern Woods – content and applications were driving my purchasing decision.

As I work in IT it would be really useful to have Telnet, FTP capabilities without booting a laptop every time.

I no longer make a decision about servicing my car solely based on price – the dealership that offers me Wi-Fi while I wait will get my business, as will the coffee shop.

The sheer number of people with Smart Devices means that not everyone is a good guy.

Next time you see me in your waiting room I am either watching a movie, reading the news or port scanning your network and breaking into your network.

read more -

Smartphones are becoming the go-to device for many consumers

https://www.npd.com/wps/portal/npd/us/news/pressreleases/pr_111222

It’s About the Apps.

By Dave Shepherdson, COO, Phenomenal Networks.

Applications drive the use of technology. The success of the Apple i-product range is mostly driven by the tens of thousands of apps which are easily accessible. I have always been driven by the application philosophy in my own business of providing solutions to small and medium organizations. So I was excited when Roberto Fonts approached us to partner in a new service to provide language interpretation using video conferencing over the Internet.

Fonts’ company, Dialog One, is already established as a leading provider of phone and face to face interpretation but he saw shortcomings of these approaches in certain circumstances. For example in hospitals – getting an accurate diagnosis with a limited English speaking person usually needs more than just simple language translation. Being able to see the body language of the patient or for them to be able to point at the problem area can be key to enabling the doctor to get a quick and accurate assessment of the problem.

The service (Dialog One Video Interpreter, known as Dovi) allows customers to interact face to face with accredited language experts through a video conference interpretation over the Internet. The service is initially targeted at the healthcare and educational markets in Minnesota but will expand nationally over time.

“We have seen a continuously expanding need for language interpretation as the population becomes more language-diverse,” said Roberto Fonts, founder and President of Dialog One. “Schools and hospitals often need full-time staff to help conversations between staff, student, parents and patients but the problem is how to cover the number of languages now prevalent in Minnesota. Also there is a wide range of cultural differences and that is where we realized that use of video can improve overall communication effectiveness.”

“We researched the available technologies and chose Vidyo as the most cost effective, easy-to-use solution with the proven high definition that we need to make this service effective,” Fonts added. “Then we chose Phenomenal to be our technology partner so that we could focus on the interpretation.”

“We hear from Healthcare providers that they need to lower their interpreter service costs and get more work done,” said Fonts. “Using interpreters through video conferencing is faster and offers more flexibility. Customers pay only for the actual interpreter minutes being used rather than paying the industry standard 2 hour minimum for a 20-minute conversation. They are interested in faster response during and after business hours, weekends and holidays. They are looking for real solutions to their language barriers.”

Dovi is simple to use: the healthcare or education customer provides the computer hardware, web camera and a USB speakerphone, all connected through a broadband connection to the Internet. They are often using a cart-based system that can be wheeled anywhere in the facility using a wireless Internet connection. This way they can maintain maximum flexibility and lower cost.

Dovi also has a simple online procurement tool so that clients can schedule their video cultural mediation/interpretation session using secure login credentials. The user gets a confirmation email with the link to the video conference room for the interpretation session.

Initially the service covers the dominant languages here in Minnesota including Somali, Hmong and Spanish but eventually will expand to the full 150 languages that Dialog One offers in their standard telephone and in-person translations.

Security and privacy are always major concerns for any communications and we have planned a high level of both data and voice communication security into the service. The high level of encryption available with Vidyo systems is a big selling point to meeting the strict regulatory requirements such as HIPAA and other privacy laws.

We are all concerned about cost savings, improved services and better outcomes in all areas of Healthcare and Education. With Dovi and other associated applications, we can see improvements for all areas. One of the major cost problems is misdiagnosis, and minimizing this as well as providing a more comfortable environment for a limited-English speaking patient can create major cost savings.

So can businesses afford new solutions? The Holy Grail in this industry is achieving rapid ROI. The use of Dovi requires little to no investment in hardware technology & network to the end user. The concept is simple, and the user gets the experience of an onsite interpreter using video conferencing at the low cost of over-the-phone services. The ROI is quickly realized and the communication experience is heightened.

Also many of our customers see that, just like the iPad phenomenon, the Vidyo solution is a good general base technology on which to “stack” applications. So in addition to enabling language interpretation, the same system may also be used for general meeting teleconferencing, training, telemedicine and many other remote communication needs. The ability to go one-on-one or many-to-many gives great flexibility and, of course, strong cost justification.

… and the service can also be used on iPads.

Dave Shepherdson