Search found 47 matches
- Tue Apr 01, 2014 5:29 am
- Forum: Main Forum
- Topic: FDE an inability for Advanced Malware Detection
- Replies: 2
- Views: 5875
FDE an inability for Advanced Malware Detection
I have several dental clients who have portable devices (i.e., laptops) in which I use Truecrypt for full disk encryption (FDE) (for HIPAA compliance). In the past (prior too FDE), I'd scan their drive(s) with a LiveCD (e.g., Kaspersky's Rescue Disk) to check for malware, but obviously, this option ...
- Thu Dec 20, 2012 5:29 am
- Forum: Advanced Topics
- Topic: BYOD leads to data breaches in the workplace
- Replies: 1
- Views: 4845
BYOD leads to data breaches in the workplace
FWIW... While technology undoubtedly has made accessing medical information much easier and faster, it also has also provided an increased potential for medical data breaches especially as health personnel begin to use unsecure mobile devices for personal and work use. With an increase in health car...
- Wed Mar 28, 2012 5:36 am
- Forum: Advanced Topics
- Topic: X-Charge issues I've come across
- Replies: 7
- Views: 13111
Re: X-Charge issues I've come across
This problem of requiring administrative privileges on the local machine is not unique to Open Dental for it is an issue across the entire dental industry…regardless of platform.
- Sat Mar 24, 2012 6:40 am
- Forum: Advanced Topics
- Topic: X-Charge issues I've come across
- Replies: 7
- Views: 13111
Re: X-Charge issues I've come across
HIPAA compliance is very easy using our suggestion. Your only complaint was malware, which can be addressed by many effective means. For example, centrally monitored antivirus software will help prevent someone from uninstalling their antivirus without management knowing about it. Understand malwar...
- Thu Mar 22, 2012 4:01 am
- Forum: Advanced Topics
- Topic: X-Charge issues I've come across
- Replies: 7
- Views: 13111
Re: X-Charge issues I've come across
Very interesting observation indeed. Unfortunately "Power User" has been deprecated with Vista/Windows 7 and as such it's really not recommended in an Active Directory domain or workgroup environment. With the Power Users group in Windows 7 and Vista, the elevated privileges have been removed. The ...
- Mon Mar 19, 2012 4:49 am
- Forum: Advanced Topics
- Topic: X-Charge issues I've come across
- Replies: 7
- Views: 13111
Re: X-Charge issues I've come across
1. Why not give users local admin for each workstation? http://www.opendental.com/manual/networkusers.html It doesn't open up any security holes that I can think of since they don't actually get any domain admin privileges. Actually, user(s) with administrative privilege(s) on the local machine can...
- Tue Feb 21, 2012 2:55 pm
- Forum: Advanced Topics
- Topic: Business Associates in Massachusetts Must Be HIPAA Compliant
- Replies: 0
- Views: 3818
Business Associates in Massachusetts Must Be HIPAA Compliant
Compliance is about to get painfully expensive for all involved...Regardless, I can already feel the cost of healthcare tumbling down! Can't you? :? The noose is tightening on business associate compliance. The states are stepping in while HHS is dilly dallying. If you are a covered entity in Massac...
- Sun Feb 19, 2012 1:12 pm
- Forum: Advanced Topics
- Topic: Most Small Healthcare Practices Hacked In The Past 12 Months
- Replies: 0
- Views: 3780
Most Small Healthcare Practices Hacked In The Past 12 Months
Its becoming obvious most CE's are not taking their HIPAA/HITECH responsibility seriously and from what I’ve seen many just don’t care…Audits anyone? If you were wondering how safe your medical records are at your doctor's office, then this might make you sick: Ninety-one percent of small healthcare...
- Wed Feb 15, 2012 2:47 am
- Forum: Main Forum
- Topic: Microsoft word or Open office
- Replies: 3
- Views: 4092
Re: Microsoft word or Open office
Just curious, why is this the case? Libre Office would be such a great partnered solution with OD...jordansparks wrote:They both work if doing a letter merge to multiple patients. Only Word works if doing the merge for a single patient.
- Thu Jan 19, 2012 1:50 pm
- Forum: Main Forum
- Topic: Open Dental on a MAC
- Replies: 30
- Views: 54513
Re: Open Dental on a MAC
But its so much easier to throw out a corrupted virtual machine and start clean...... I agree about the ease of running a virtual machine, but there is a reason why software vendors only support specific installation/configurations (i.e., Windows)...the bloody edge becomes even more painful when yo...
- Thu Jan 19, 2012 3:37 am
- Forum: Main Forum
- Topic: Open Dental on a MAC
- Replies: 30
- Views: 54513
Re: Open Dental on a MAC
1) Once you have a 'master' copy of a Windows 7 machine (these will generally be under 16gb, so you can store a copy of your master in a thumb drive), all you have to do is to copy that 'master' copy into all your iMacs running VMWare fusion 2) The reason this is simpler, is that you don't have to ...
- Mon Jan 16, 2012 5:45 pm
- Forum: Main Forum
- Topic: Open Dental on a MAC
- Replies: 30
- Views: 54513
Re: Open Dental on a MAC
Really? Doesn't this post beg the question: What's the point of running MAC? Sure you get some beautiful hardware (for a premium), but at the end of the day your still running Windows, just behind another layer of complication...and you will have all the same issues associated with introducing buggy...
- Sat Jan 14, 2012 8:46 pm
- Forum: Advanced Topics
- Topic: When Someone Else's Insider Is Your Threat
- Replies: 0
- Views: 3606
When Someone Else's Insider Is Your Threat
Should CE's truly trust your BA's and is ASAP soon enough to have signed BAA's? :? Contract language and enforcement are necessary to protect your IP in another company's network. Just ask Symantec, which had its source code stolen from a third party by hackers. http://preview.tinyurl.com/7cyt6sh
- Mon Jan 02, 2012 1:51 am
- Forum: Advanced Topics
- Topic: OCR Starts HIPAA Privacy Audits
- Replies: 3
- Views: 7152
OCR Starts HIPAA Privacy Audits
http://tinyurl.com/7bu9yuxThe HHS Office for Civil Rights announced it is beginning HIPAA audits to assess covered entities' compliance with the privacy, security and breach notification rules.
- Tue Dec 13, 2011 4:53 am
- Forum: Advanced Topics
- Topic: Nearly Half of HIPAA HITECH Data Breaches Caused By Business
- Replies: 0
- Views: 3682
Nearly Half of HIPAA HITECH Data Breaches Caused By Business
Hmm..what to do? Todays article is by a law firm that analyzed the large data breaches and discovered that 50% of the breaches above 1,000,000 records were caused by BA and 44.8% of the breaches between 30,000 and 999,999 were also caused by BA. The Ponemon Institute Study reported 46% caused by BAs...
- Tue Dec 13, 2011 4:50 am
- Forum: Advanced Topics
- Topic: Rise of unencrypted cards
- Replies: 4
- Views: 7629
Re: Rise of unencrypted cards
If using Open Dental, all the CC numbers are stored on offsite servers and encrypted during transport. We use certified solutions. And "Certified Solution" means what? As the article suggests with most POS, not much... Example: Until their latest release, X-charge stored such data (unencrypted) on ...
- Mon Dec 12, 2011 3:51 am
- Forum: Advanced Topics
- Topic: Rise of unencrypted cards
- Replies: 4
- Views: 7629
Rise of unencrypted cards
Here's a little morsel for thought...Do you know if/where CC data is stored and if encrypted in transit and at rest? My experience is Frontdesk workstations get infected with malware the most, and these are the machines which accept CC payments. :oops: 71 percent of merchants were found to store une...
- Wed Nov 30, 2011 5:15 pm
- Forum: Advanced Topics
- Topic: HIPAA Security Rule Toolkit
- Replies: 0
- Views: 3353
HIPAA Security Rule Toolkit
"The NIST HIPAA Security Toolkit Application is intended to help organizations better understand the requirements of the HIPAA Security Rule, implement those requirements, and assess those implementations in their operational environment. Target users include, but are not limited to, HIPAA covered e...
- Sat Sep 24, 2011 2:39 am
- Forum: Advanced Topics
- Topic: Data is king!
- Replies: 2
- Views: 3934
HHS rule would give government everybody’s health records
"The HHS has proposed the federal government pursue one of three paths to obtain this sensitive information: A 'centralized approach' wherein insurers’ data go directly to Washington; an 'intermediate state-level approach' in which insurers give the information to the 50 states; or a 'distributed ap...
- Tue Sep 20, 2011 3:08 am
- Forum: Main Forum
- Topic: Kiosks, WiFi, Domains and Security
- Replies: 10
- Views: 9972
Re: Kiosks, WiFi, Domains and Security
2. These fears are multiplied when one the added risk of WiFi is factored in. For starters if someone steals a tablet they could potentially stand outside your office and connect to your entire system. In large offices with 2 or more tablets, a day or two could go by before such a thing is noticed....
- Sun Aug 21, 2011 2:01 am
- Forum: Advanced Topics
- Topic: Hardware, Software & Network Configs
- Replies: 23
- Views: 28978
Re: Hardware, Software & Network Configs
I just checked out another feature of MacOSX called file vault. It encrypts all the information you put in your 'home' folder (that is where I would put in OD database). Anything that is backed up from that folder would already be in encrypted form. This would remove at least one layer of work. I w...
- Sun Aug 21, 2011 1:48 am
- Forum: Main Forum
- Topic: Yet another VPN question
- Replies: 5
- Views: 7680
Re: Yet another VPN question
Is anyone here successfully using OD remotely using a VPN for security? If so, what combo of programs and settings is working for you? Are you trying to connect different networks together or remotely access a machine on your LAN to access OD? VPN's (e.g., OpenVPN, IPSec) are generally used to conn...
- Thu Aug 11, 2011 1:54 am
- Forum: Main Forum
- Topic: Carestream Dental Softdent
- Replies: 1
- Views: 4516
Carestream Dental Softdent
I looked through the existing posts but didn't find anything that speaks to this... Is there any issue(s) I should be concerned with if a practice were to temporarily install/run Softdent on a Front Desk workstation which has Open Dental installed (the machine is not the OD server)? A temporary conv...
- Fri Jul 29, 2011 11:02 am
- Forum: Advanced Topics
- Topic: Should you be archiving emails?
- Replies: 2
- Views: 4249
Should you be archiving emails?
Hate to be the alarmist in the group, but this blog post (below) made the hairs on the back of my neck stand up!
So, without further ado, here's another little heaping spoonful of food for thought...
"Email Archiving in the Healthcare Industry"
http://preview.tinyurl.com/3otuzwt
So, without further ado, here's another little heaping spoonful of food for thought...
"Email Archiving in the Healthcare Industry"
http://preview.tinyurl.com/3otuzwt
- Sun Jul 24, 2011 10:42 am
- Forum: Main Forum
- Topic: Office Suite
- Replies: 6
- Views: 6192
Re: Office Suite
I have a practice wondering whether to purchase MS Office or just use an open source free office suite...
- Sun Jul 24, 2011 1:48 am
- Forum: Main Forum
- Topic: Office Suite
- Replies: 6
- Views: 6192
Office Suite
Are there any issues or concerns using Libre Office (http://www.libreoffice.org/) and Open Dental (OD), or Foxit Reader (http://www.foxitsoftware.com/) and OD?
- Sat Jul 23, 2011 3:12 pm
- Forum: Advanced Topics
- Topic: Data is king!
- Replies: 2
- Views: 3934
Data is king!
"The Magic of Big Data: GE, MIT Unveil New Way of Visualizing Disease" http://preview.tinyurl.com/3ug9n9v Anonymized records? Right... Imagine as "they" do, having access to BILLIONS of health records (including dental) across the US, and the trials they could mandate and/or service(s) deny. We’re j...
- Thu Jul 21, 2011 3:26 am
- Forum: Main Forum
- Topic: Leading from behind...
- Replies: 0
- Views: 3122
Leading from behind...
jsparks - message deleted. Too spammy.
- Wed Jul 20, 2011 9:10 am
- Forum: Main Forum
- Topic: Recent HIPAA/HITECH changes
- Replies: 3
- Views: 3644
Re: Recent HIPAA/HITECH changes
That post seems kinda spammy. The post, news site, or video seems "spammy"? The video I found very informative with respect to covered entities and their business partners all responsible for protecting PHI and the fact each can be separately audited. Watching the video reminded of the article belo...
- Tue Jul 19, 2011 2:01 am
- Forum: Main Forum
- Topic: Recent HIPAA/HITECH changes
- Replies: 3
- Views: 3644
Recent HIPAA/HITECH changes
Is now time to get serious about information security? More capital please...Hope your practice got the federal incentive money; the cost to implement EHR's may have just gone up. Yikes! "As part of the American Recovery and Reinvestment Act of 2009, Congress enacted the Health Information Technolog...
- Mon Jul 11, 2011 10:00 am
- Forum: Advanced Topics
- Topic: The need for EMR's
- Replies: 1
- Views: 3121
Re: The need for EMR's
Curious…are there other forum(s) “out there” discussing the unique IT infrastructure issues that make possible EMR’s within the Dental industry?
- Mon Jul 11, 2011 8:13 am
- Forum: Advanced Topics
- Topic: The need for EMR's
- Replies: 1
- Views: 3121
The need for EMR's
What is it called when people feel need to spend so much time convincing others of the value of a product or service? How about: false, untrue, incorrect, made-up, and just plain wrong… EMR’s are not an “if” but “when” idea and most are very excited about applying new technology, sooner rather than ...
- Sun Jul 10, 2011 4:48 am
- Forum: Advanced Topics
- Topic: Video – If Air Travel worked like Health Care – Very Funny
- Replies: 1
- Views: 3161
Video – If Air Travel worked like Health Care – Very Funny
Video – If Air Travel worked like Health Care – Very Funny
http://preview.tinyurl.com/6k2wsxp
http://preview.tinyurl.com/6k2wsxp
- Sun Jul 10, 2011 4:45 am
- Forum: Advanced Topics
- Topic: The risk to IT from Healthcare
- Replies: 9
- Views: 9468
Re: The risk to IT from Healthcare
Dental’s challenge like others in the healthcare industry is an inability to truly acknowledge threats and manage risk! On a happier note, it can be fixed, more capital please…
- Wed Jul 06, 2011 9:48 am
- Forum: Main Forum
- Topic: Business Associate Agreement
- Replies: 2
- Views: 3646
Business Associate Agreement
Any Covered Entity's looking to update your policy(s) to include the need to have your consultant(s), contractor(s), and vendor(s) sign a Business Associate Agreement? I found this "Sample Business Associate Agreement made available by the HIPAA Survival Guide" which might be a point to begin. Just ...
- Wed Jul 06, 2011 4:10 am
- Forum: Advanced Topics
- Topic: The risk to IT from Healthcare
- Replies: 9
- Views: 9468
Re: The risk to IT from Healthcare
My bad. Apologies, Carl. no problem, Accepted! I'm now just a local shop trying to help small business fight the battle malcontents have wage against us all. I’m told the biggest threat comes from those tubes and that dang interweb thingy. They said there are some real mischief-makers out there and...
- Tue Jul 05, 2011 3:07 pm
- Forum: Advanced Topics
- Topic: The risk to IT from Healthcare
- Replies: 9
- Views: 9468
Re: The risk to IT from Healthcare
Really??? This isn't about me, all should be asking if what I’m suggesting is true or not, and if so, what you can do to move beyond it? The only thing worse than doing nothing, is doing nothing… I fully support the Open Source community and truly appreciate Open Dental (OD) and their very successfu...
- Sun Jul 03, 2011 3:53 pm
- Forum: Advanced Topics
- Topic: The risk to IT from Healthcare
- Replies: 9
- Views: 9468
Re: The risk to IT from Healthcare
No, I don't think the marriage of IT and healthcare just happened. What is new is this huge (recent) shove by the state toward digital healthcare (EMR’s) without clear solution(s) available from the computer industry to successfully achieve, across the board, what will be required. With that said, I...
- Mon Jun 27, 2011 1:59 am
- Forum: Advanced Topics
- Topic: The risk to IT from Healthcare
- Replies: 9
- Views: 9468
The risk to IT from Healthcare
Food for thought! I find it amazing, the healthcare industry's full speed approach to IT when we're witnessing so much risk and failure. Everyone seems to be saying let’s just rush this idea and get there, and then we’ll fix and deal with the consequences later. Has there ever been a time when a who...
- Sat Jun 25, 2011 10:42 am
- Forum: Advanced Topics
- Topic: Security risk from medical devices, Huh?
- Replies: 0
- Views: 3093
Security risk from medical devices, Huh?
I think the question depends on what the definition of “Medical Device” is… might it be any “hardware” that has the potential to touch PHI? Does everyone with skin in the game (no pun intended) understand what PHI is? With the forced push to EMR’s and all the uncertainty of new technologies being de...
- Wed Jun 22, 2011 9:35 am
- Forum: Advanced Topics
- Topic: Sms text messages
- Replies: 5
- Views: 6796
Re: Sms text messages
Maybe unless previously requested by a patient, but wouldn’t SMS text messaging (similar to regular email) be a Non-compliant communications practice, and might cellular phone numbers, along with email addresses, acquired by Covered Entities, be considered PHI? Hmm...Interesting, you know, each coul...
- Wed Jun 22, 2011 8:34 am
- Forum: Advanced Topics
- Topic: Hardware, Software & Network Configs
- Replies: 23
- Views: 28978
Re: Hardware, Software & Network Configs
Another concern may be if the off-site storage service provider (e.g., Carbonite), due to your use for backup, now become a Business Associate (BA), and must they be HIPAA/HITECH compliant?
Many questions, few answers...
Many questions, few answers...
- Tue Jun 21, 2011 2:56 am
- Forum: Advanced Topics
- Topic: Hardware, Software & Network Configs
- Replies: 23
- Views: 28978
Re: Hardware, Software & Network Configs
OK, I get it as far as encryption. I will use my Data Backup to encrypt my data at rest to a specific backup drive, and then have Carbonite copy that data to their servers. The data is encrypted at rest, reencrypted once more during transfer to the offsite Carbonite servers, and stores offsite in e...
- Tue Jun 21, 2011 1:53 am
- Forum: Main Forum
- Topic: Is there a way to send mass emails to patients?
- Replies: 6
- Views: 8569
Re: Is there a way to send mass emails to patients?
Has there been any progress towards mass e-mailing patients? Currently I am forced to export all emails and import them into our Gmail online contacts and we email from there. Unfortunately, Gmail limits emails to a max of 500 recipients at a time so we have to have multiple groups in our address b...
- Mon Jun 20, 2011 2:16 pm
- Forum: Advanced Topics
- Topic: Hardware, Software & Network Configs
- Replies: 23
- Views: 28978
Re: Hardware, Software & Network Configs
hmmm, Never mind, I did not know it, but Carbonite uses a combination of Blowfish and DES encryption while Data Backup uses AES-128 algorithm. This standard is the latest encryption standard approved by the U.S. Government for sensitive documents. So my current set-up does comply with HIPAA regs. I...
- Mon Jun 20, 2011 2:11 pm
- Forum: Advanced Topics
- Topic: Hardware, Software & Network Configs
- Replies: 23
- Views: 28978
Re: Hardware, Software & Network Configs
Cobian Backup http://www.cobiansoft.com/stjames70 wrote:Good point. Do you know any software that will encrypt backup to physical media and any cloud backup services that backup your data enroute? I could google it, but I think you know the answer....
- Sun Jun 19, 2011 1:13 am
- Forum: Advanced Topics
- Topic: Hardware, Software & Network Configs
- Replies: 23
- Views: 28978
Re: Hardware, Software & Network Configs
Doesn't HIPAA require the offsite storage or "removable/transportable digital memory medium" of PHI to be encrypted both "in transit" and "at rest"?stjames70 wrote:3. Backup config/software
Carbonite and Data Backup
Your solution(s) might possibly miss the mark...Just a thought.