Search found 47 matches

by packets
Tue Apr 01, 2014 5:29 am
Forum: Main Forum
Topic: FDE an inability for Advanced Malware Detection
Replies: 2
Views: 5790

FDE an inability for Advanced Malware Detection

I have several dental clients who have portable devices (i.e., laptops) in which I use Truecrypt for full disk encryption (FDE) (for HIPAA compliance). In the past (prior too FDE), I'd scan their drive(s) with a LiveCD (e.g., Kaspersky's Rescue Disk) to check for malware, but obviously, this option ...
by packets
Thu Dec 20, 2012 5:29 am
Forum: Advanced Topics
Topic: BYOD leads to data breaches in the workplace
Replies: 1
Views: 4767

BYOD leads to data breaches in the workplace

FWIW... While technology undoubtedly has made accessing medical information much easier and faster, it also has also provided an increased potential for medical data breaches especially as health personnel begin to use unsecure mobile devices for personal and work use. With an increase in health car...
by packets
Wed Mar 28, 2012 5:36 am
Forum: Advanced Topics
Topic: X-Charge issues I've come across
Replies: 7
Views: 12958

Re: X-Charge issues I've come across

This problem of requiring administrative privileges on the local machine is not unique to Open Dental for it is an issue across the entire dental industry…regardless of platform. :oops:
by packets
Sat Mar 24, 2012 6:40 am
Forum: Advanced Topics
Topic: X-Charge issues I've come across
Replies: 7
Views: 12958

Re: X-Charge issues I've come across

HIPAA compliance is very easy using our suggestion. Your only complaint was malware, which can be addressed by many effective means. For example, centrally monitored antivirus software will help prevent someone from uninstalling their antivirus without management knowing about it. Understand malwar...
by packets
Thu Mar 22, 2012 4:01 am
Forum: Advanced Topics
Topic: X-Charge issues I've come across
Replies: 7
Views: 12958

Re: X-Charge issues I've come across

Very interesting observation indeed. Unfortunately "Power User" has been deprecated with Vista/Windows 7 and as such it's really not recommended in an Active Directory domain or workgroup environment. With the Power Users group in Windows 7 and Vista, the elevated privileges have been removed. The ...
by packets
Mon Mar 19, 2012 4:49 am
Forum: Advanced Topics
Topic: X-Charge issues I've come across
Replies: 7
Views: 12958

Re: X-Charge issues I've come across

1. Why not give users local admin for each workstation? http://www.opendental.com/manual/networkusers.html It doesn't open up any security holes that I can think of since they don't actually get any domain admin privileges. Actually, user(s) with administrative privilege(s) on the local machine can...
by packets
Tue Feb 21, 2012 2:55 pm
Forum: Advanced Topics
Topic: Business Associates in Massachusetts Must Be HIPAA Compliant
Replies: 0
Views: 3770

Business Associates in Massachusetts Must Be HIPAA Compliant

Compliance is about to get painfully expensive for all involved...Regardless, I can already feel the cost of healthcare tumbling down! Can't you? :? The noose is tightening on business associate compliance. The states are stepping in while HHS is dilly dallying. If you are a covered entity in Massac...
by packets
Sun Feb 19, 2012 1:12 pm
Forum: Advanced Topics
Topic: Most Small Healthcare Practices Hacked In The Past 12 Months
Replies: 0
Views: 3725

Most Small Healthcare Practices Hacked In The Past 12 Months

Its becoming obvious most CE's are not taking their HIPAA/HITECH responsibility seriously and from what I’ve seen many just don’t care…Audits anyone? If you were wondering how safe your medical records are at your doctor's office, then this might make you sick: Ninety-one percent of small healthcare...
by packets
Wed Feb 15, 2012 2:47 am
Forum: Main Forum
Topic: Microsoft word or Open office
Replies: 3
Views: 3985

Re: Microsoft word or Open office

jordansparks wrote:They both work if doing a letter merge to multiple patients. Only Word works if doing the merge for a single patient.
Just curious, why is this the case? Libre Office would be such a great partnered solution with OD...
by packets
Thu Jan 19, 2012 1:50 pm
Forum: Main Forum
Topic: Open Dental on a MAC
Replies: 30
Views: 54015

Re: Open Dental on a MAC

But its so much easier to throw out a corrupted virtual machine and start clean...... I agree about the ease of running a virtual machine, but there is a reason why software vendors only support specific installation/configurations (i.e., Windows)...the bloody edge becomes even more painful when yo...
by packets
Thu Jan 19, 2012 3:37 am
Forum: Main Forum
Topic: Open Dental on a MAC
Replies: 30
Views: 54015

Re: Open Dental on a MAC

1) Once you have a 'master' copy of a Windows 7 machine (these will generally be under 16gb, so you can store a copy of your master in a thumb drive), all you have to do is to copy that 'master' copy into all your iMacs running VMWare fusion 2) The reason this is simpler, is that you don't have to ...
by packets
Mon Jan 16, 2012 5:45 pm
Forum: Main Forum
Topic: Open Dental on a MAC
Replies: 30
Views: 54015

Re: Open Dental on a MAC

Really? Doesn't this post beg the question: What's the point of running MAC? Sure you get some beautiful hardware (for a premium), but at the end of the day your still running Windows, just behind another layer of complication...and you will have all the same issues associated with introducing buggy...
by packets
Sat Jan 14, 2012 8:46 pm
Forum: Advanced Topics
Topic: When Someone Else's Insider Is Your Threat
Replies: 0
Views: 3555

When Someone Else's Insider Is Your Threat

Should CE's truly trust your BA's and is ASAP soon enough to have signed BAA's? :? Contract language and enforcement are necessary to protect your IP in another company's network. Just ask Symantec, which had its source code stolen from a third party by hackers. http://preview.tinyurl.com/7cyt6sh
by packets
Mon Jan 02, 2012 1:51 am
Forum: Advanced Topics
Topic: OCR Starts HIPAA Privacy Audits
Replies: 3
Views: 7066

OCR Starts HIPAA Privacy Audits

The HHS Office for Civil Rights announced it is beginning HIPAA audits to assess covered entities' compliance with the privacy, security and breach notification rules.
http://tinyurl.com/7bu9yux
by packets
Tue Dec 13, 2011 4:53 am
Forum: Advanced Topics
Topic: Nearly Half of HIPAA HITECH Data Breaches Caused By Business
Replies: 0
Views: 3629

Nearly Half of HIPAA HITECH Data Breaches Caused By Business

Hmm..what to do? Todays article is by a law firm that analyzed the large data breaches and discovered that 50% of the breaches above 1,000,000 records were caused by BA and 44.8% of the breaches between 30,000 and 999,999 were also caused by BA. The Ponemon Institute Study reported 46% caused by BAs...
by packets
Tue Dec 13, 2011 4:50 am
Forum: Advanced Topics
Topic: Rise of unencrypted cards
Replies: 4
Views: 7528

Re: Rise of unencrypted cards

If using Open Dental, all the CC numbers are stored on offsite servers and encrypted during transport. We use certified solutions. And "Certified Solution" means what? As the article suggests with most POS, not much... Example: Until their latest release, X-charge stored such data (unencrypted) on ...
by packets
Mon Dec 12, 2011 3:51 am
Forum: Advanced Topics
Topic: Rise of unencrypted cards
Replies: 4
Views: 7528

Rise of unencrypted cards

Here's a little morsel for thought...Do you know if/where CC data is stored and if encrypted in transit and at rest? My experience is Frontdesk workstations get infected with malware the most, and these are the machines which accept CC payments. :oops: 71 percent of merchants were found to store une...
by packets
Wed Nov 30, 2011 5:15 pm
Forum: Advanced Topics
Topic: HIPAA Security Rule Toolkit
Replies: 0
Views: 3301

HIPAA Security Rule Toolkit

"The NIST HIPAA Security Toolkit Application is intended to help organizations better understand the requirements of the HIPAA Security Rule, implement those requirements, and assess those implementations in their operational environment. Target users include, but are not limited to, HIPAA covered e...
by packets
Sat Sep 24, 2011 2:39 am
Forum: Advanced Topics
Topic: Data is king!
Replies: 2
Views: 3877

HHS rule would give government everybody’s health records

"The HHS has proposed the federal government pursue one of three paths to obtain this sensitive information: A 'centralized approach' wherein insurers’ data go directly to Washington; an 'intermediate state-level approach' in which insurers give the information to the 50 states; or a 'distributed ap...
by packets
Tue Sep 20, 2011 3:08 am
Forum: Main Forum
Topic: Kiosks, WiFi, Domains and Security
Replies: 10
Views: 9788

Re: Kiosks, WiFi, Domains and Security

2. These fears are multiplied when one the added risk of WiFi is factored in. For starters if someone steals a tablet they could potentially stand outside your office and connect to your entire system. In large offices with 2 or more tablets, a day or two could go by before such a thing is noticed....
by packets
Sun Aug 21, 2011 2:01 am
Forum: Advanced Topics
Topic: Hardware, Software & Network Configs
Replies: 23
Views: 28634

Re: Hardware, Software & Network Configs

I just checked out another feature of MacOSX called file vault. It encrypts all the information you put in your 'home' folder (that is where I would put in OD database). Anything that is backed up from that folder would already be in encrypted form. This would remove at least one layer of work. I w...
by packets
Sun Aug 21, 2011 1:48 am
Forum: Main Forum
Topic: Yet another VPN question
Replies: 5
Views: 7494

Re: Yet another VPN question

Is anyone here successfully using OD remotely using a VPN for security? If so, what combo of programs and settings is working for you? Are you trying to connect different networks together or remotely access a machine on your LAN to access OD? VPN's (e.g., OpenVPN, IPSec) are generally used to conn...
by packets
Thu Aug 11, 2011 1:54 am
Forum: Main Forum
Topic: Carestream Dental Softdent
Replies: 1
Views: 4465

Carestream Dental Softdent

I looked through the existing posts but didn't find anything that speaks to this... Is there any issue(s) I should be concerned with if a practice were to temporarily install/run Softdent on a Front Desk workstation which has Open Dental installed (the machine is not the OD server)? A temporary conv...
by packets
Fri Jul 29, 2011 11:02 am
Forum: Advanced Topics
Topic: Should you be archiving emails?
Replies: 2
Views: 4159

Should you be archiving emails?

Hate to be the alarmist in the group, but this blog post (below) made the hairs on the back of my neck stand up!
So, without further ado, here's another little heaping spoonful of food for thought... :shock:
"Email Archiving in the Healthcare Industry"
http://preview.tinyurl.com/3otuzwt
by packets
Sun Jul 24, 2011 10:42 am
Forum: Main Forum
Topic: Office Suite
Replies: 6
Views: 6078

Re: Office Suite

I have a practice wondering whether to purchase MS Office or just use an open source free office suite...
by packets
Sun Jul 24, 2011 1:48 am
Forum: Main Forum
Topic: Office Suite
Replies: 6
Views: 6078

Office Suite

Are there any issues or concerns using Libre Office (http://www.libreoffice.org/) and Open Dental (OD), or Foxit Reader (http://www.foxitsoftware.com/) and OD? :?:
by packets
Sat Jul 23, 2011 3:12 pm
Forum: Advanced Topics
Topic: Data is king!
Replies: 2
Views: 3877

Data is king!

"The Magic of Big Data: GE, MIT Unveil New Way of Visualizing Disease" http://preview.tinyurl.com/3ug9n9v Anonymized records? Right... Imagine as "they" do, having access to BILLIONS of health records (including dental) across the US, and the trials they could mandate and/or service(s) deny. We’re j...
by packets
Thu Jul 21, 2011 3:26 am
Forum: Main Forum
Topic: Leading from behind...
Replies: 0
Views: 3078

Leading from behind...

jsparks - message deleted. Too spammy.
by packets
Wed Jul 20, 2011 9:10 am
Forum: Main Forum
Topic: Recent HIPAA/HITECH changes
Replies: 3
Views: 3586

Re: Recent HIPAA/HITECH changes

That post seems kinda spammy. The post, news site, or video seems "spammy"? The video I found very informative with respect to covered entities and their business partners all responsible for protecting PHI and the fact each can be separately audited. Watching the video reminded of the article belo...
by packets
Tue Jul 19, 2011 2:01 am
Forum: Main Forum
Topic: Recent HIPAA/HITECH changes
Replies: 3
Views: 3586

Recent HIPAA/HITECH changes

Is now time to get serious about information security? More capital please...Hope your practice got the federal incentive money; the cost to implement EHR's may have just gone up. Yikes! "As part of the American Recovery and Reinvestment Act of 2009, Congress enacted the Health Information Technolog...
by packets
Mon Jul 11, 2011 10:00 am
Forum: Advanced Topics
Topic: The need for EMR's
Replies: 1
Views: 3074

Re: The need for EMR's

Curious…are there other forum(s) “out there” discussing the unique IT infrastructure issues that make possible EMR’s within the Dental industry? :?:
by packets
Mon Jul 11, 2011 8:13 am
Forum: Advanced Topics
Topic: The need for EMR's
Replies: 1
Views: 3074

The need for EMR's

What is it called when people feel need to spend so much time convincing others of the value of a product or service? How about: false, untrue, incorrect, made-up, and just plain wrong… EMR’s are not an “if” but “when” idea and most are very excited about applying new technology, sooner rather than ...
by packets
Sun Jul 10, 2011 4:48 am
Forum: Advanced Topics
Topic: Video – If Air Travel worked like Health Care – Very Funny
Replies: 1
Views: 3109

Video – If Air Travel worked like Health Care – Very Funny

Video – If Air Travel worked like Health Care – Very Funny
http://preview.tinyurl.com/6k2wsxp
by packets
Sun Jul 10, 2011 4:45 am
Forum: Advanced Topics
Topic: The risk to IT from Healthcare
Replies: 9
Views: 9320

Re: The risk to IT from Healthcare

Dental’s challenge like others in the healthcare industry is an inability to truly acknowledge threats and manage risk! On a happier note, it can be fixed, more capital please… :oops:
by packets
Wed Jul 06, 2011 9:48 am
Forum: Main Forum
Topic: Business Associate Agreement
Replies: 2
Views: 3566

Business Associate Agreement

Any Covered Entity's looking to update your policy(s) to include the need to have your consultant(s), contractor(s), and vendor(s) sign a Business Associate Agreement? I found this "Sample Business Associate Agreement made available by the HIPAA Survival Guide" which might be a point to begin. Just ...
by packets
Wed Jul 06, 2011 4:10 am
Forum: Advanced Topics
Topic: The risk to IT from Healthcare
Replies: 9
Views: 9320

Re: The risk to IT from Healthcare

My bad. Apologies, Carl. no problem, Accepted! I'm now just a local shop trying to help small business fight the battle malcontents have wage against us all. I’m told the biggest threat comes from those tubes and that dang interweb thingy. They said there are some real mischief-makers out there and...
by packets
Tue Jul 05, 2011 3:07 pm
Forum: Advanced Topics
Topic: The risk to IT from Healthcare
Replies: 9
Views: 9320

Re: The risk to IT from Healthcare

Really??? This isn't about me, all should be asking if what I’m suggesting is true or not, and if so, what you can do to move beyond it? The only thing worse than doing nothing, is doing nothing… I fully support the Open Source community and truly appreciate Open Dental (OD) and their very successfu...
by packets
Sun Jul 03, 2011 3:53 pm
Forum: Advanced Topics
Topic: The risk to IT from Healthcare
Replies: 9
Views: 9320

Re: The risk to IT from Healthcare

No, I don't think the marriage of IT and healthcare just happened. What is new is this huge (recent) shove by the state toward digital healthcare (EMR’s) without clear solution(s) available from the computer industry to successfully achieve, across the board, what will be required. With that said, I...
by packets
Mon Jun 27, 2011 1:59 am
Forum: Advanced Topics
Topic: The risk to IT from Healthcare
Replies: 9
Views: 9320

The risk to IT from Healthcare

Food for thought! I find it amazing, the healthcare industry's full speed approach to IT when we're witnessing so much risk and failure. Everyone seems to be saying let’s just rush this idea and get there, and then we’ll fix and deal with the consequences later. Has there ever been a time when a who...
by packets
Sat Jun 25, 2011 10:42 am
Forum: Advanced Topics
Topic: Security risk from medical devices, Huh?
Replies: 0
Views: 3051

Security risk from medical devices, Huh?

I think the question depends on what the definition of “Medical Device” is… might it be any “hardware” that has the potential to touch PHI? Does everyone with skin in the game (no pun intended) understand what PHI is? With the forced push to EMR’s and all the uncertainty of new technologies being de...
by packets
Wed Jun 22, 2011 9:35 am
Forum: Advanced Topics
Topic: Sms text messages
Replies: 5
Views: 6691

Re: Sms text messages

Maybe unless previously requested by a patient, but wouldn’t SMS text messaging (similar to regular email) be a Non-compliant communications practice, and might cellular phone numbers, along with email addresses, acquired by Covered Entities, be considered PHI? Hmm...Interesting, you know, each coul...
by packets
Wed Jun 22, 2011 8:34 am
Forum: Advanced Topics
Topic: Hardware, Software & Network Configs
Replies: 23
Views: 28634

Re: Hardware, Software & Network Configs

Another concern may be if the off-site storage service provider (e.g., Carbonite), due to your use for backup, now become a Business Associate (BA), and must they be HIPAA/HITECH compliant?
Many questions, few answers...
by packets
Tue Jun 21, 2011 2:56 am
Forum: Advanced Topics
Topic: Hardware, Software & Network Configs
Replies: 23
Views: 28634

Re: Hardware, Software & Network Configs

OK, I get it as far as encryption. I will use my Data Backup to encrypt my data at rest to a specific backup drive, and then have Carbonite copy that data to their servers. The data is encrypted at rest, reencrypted once more during transfer to the offsite Carbonite servers, and stores offsite in e...
by packets
Tue Jun 21, 2011 1:53 am
Forum: Main Forum
Topic: Is there a way to send mass emails to patients?
Replies: 6
Views: 8444

Re: Is there a way to send mass emails to patients?

Has there been any progress towards mass e-mailing patients? Currently I am forced to export all emails and import them into our Gmail online contacts and we email from there. Unfortunately, Gmail limits emails to a max of 500 recipients at a time so we have to have multiple groups in our address b...
by packets
Mon Jun 20, 2011 2:16 pm
Forum: Advanced Topics
Topic: Hardware, Software & Network Configs
Replies: 23
Views: 28634

Re: Hardware, Software & Network Configs

hmmm, Never mind, I did not know it, but Carbonite uses a combination of Blowfish and DES encryption while Data Backup uses AES-128 algorithm. This standard is the latest encryption standard approved by the U.S. Government for sensitive documents. So my current set-up does comply with HIPAA regs. I...
by packets
Mon Jun 20, 2011 2:11 pm
Forum: Advanced Topics
Topic: Hardware, Software & Network Configs
Replies: 23
Views: 28634

Re: Hardware, Software & Network Configs

stjames70 wrote:Good point. Do you know any software that will encrypt backup to physical media and any cloud backup services that backup your data enroute? I could google it, but I think you know the answer....
Cobian Backup http://www.cobiansoft.com/
by packets
Sun Jun 19, 2011 1:13 am
Forum: Advanced Topics
Topic: Hardware, Software & Network Configs
Replies: 23
Views: 28634

Re: Hardware, Software & Network Configs

stjames70 wrote:3. Backup config/software
Carbonite and Data Backup
Doesn't HIPAA require the offsite storage or "removable/transportable digital memory medium" of PHI to be encrypted both "in transit" and "at rest"?
Your solution(s) might possibly miss the mark...Just a thought. :?: