Healthcare organizations take a variety of measures to safeguard patient protected health information (PHI). From managed security services to the thoughtful engagement of security best practices, keeping PHI safe is as vital as delivering the best quality care.
HIPAA (the Health Insurance Portability and Accountability Act) specifies a series of administrative safeguards under the Security Rule that pertain to password creation. It requires healthcare organizations to develop procedures for creating passwords and keeping them secure.
Over 80% of hacking-related breaches are due to weak or stolen passwords, according to the recent Verizon Data Breach Investigation Report, and over 70% of employees reuse personal passwords at work.
Password best practices were a hot topic throughout 2019. Major companies have come under scrutiny for their inadequate password practices.
Even though 91% of people are aware reusing passwords is not a good practice, 59% reuse their passwords at home and work making it a top priority for businesses to educate employees about password best practices.
For healthcare organizations, failure to keep passwords secure represents a violation of HIPAA which may result in costly fines. Avoid this by implementing these five best practices for password security that satisfy the Security Rule under HIPAA.
The 5 Best Practices for Password Security That Satisfy HIPAA Requirements
Passwords stay safe when they are strong and protected from exposure. That involves a combination of practices involving both password and device management. Security experts at RJ Young recommend that healthcare organizations:
1. Use Two-Factor Authentication
Two-factor authentication (2FA) has been around for about five years and was recognized as a password best practice in 2019. 2FA requires two security actions to prove a person’s identity. This includes entering a code sent via text message to a work-issued phone or using a specific physical object – like a key card – issued to an individual.
2FA prevents unauthorized access by people who have fraudulently acquired the login credentials of an account. While a hacker might gain a password from a successful phishing attempt, he or she will not have access to an employee’s key card or work-issued phone.
2. Randomize Passwords With a Mix of Characters
Most users choose passwords based on familiar words or objects, making them easy to crack. This happens because the password generation requires a mixture of letters, numbers, and special characters. Random strings are hard to remember, however by choosing a less random password, it becomes statistically more likely that the password can get cracked.
To best satisfy the HIPAA Security Rule with passwords, use a random password generator — these are harder to crack.
3. Limit the Devices Employees Can Log in to Accounts On
Secondary devices, like employee personal devices, are often compromised by undetected malware. They introduce a security risk into a HIPAA-regulated environment. Additionally, these devices don’t receive security monitoring and management like the rest of the network does. Therefore, they may be infected with keyloggers or other advanced security threats that can be difficult to detect.
Companies should also prohibit employees from logging into work sites on personal devices – while this might not work for all businesses, implementing a BYOD Security Policy can help. This keeps PHI firmly within a company, while also helping limit password exposure, malware attacks, and other security hazards.
4. Disable Password Autofill on Browsers
Password autofill is a convenient tool for managing personal passwords, but for a healthcare organization, it can be extremely dangerous. Many medical offices rely on tablets and other mobile devices or technology while in the office, which – while convenient – are easier to steal. If autofill has been enabled on a browser on the device, all confidential company information can easily be accessed.
Disable autofill on Chrome under the Advanced tab in the Settings window. For Firefox, the option is found under Options, Privacy, and the History heading. For Safari open the preferences window, select the auto-fill tab, and turn off all the features related to usernames and passwords.
5. Conduct Periodical Password Audits & Change Regularly
Password audits involve a review of the passwords currently being used by users. They are an excellent way to spot weak or duplicated passwords so users can change when necessary. Password audits also keep password security at the forefront of everyone’s mind, helping to promote a security culture that keeps patient information safe.
Change passwords at least every three months for non-administrative users and 45-60 days for administrative accounts. Be sure to change your password if you have shared it with another colleague for maximum security.
Managed Security Services Can Help Organizations Use Better Passwords
Password security has been one of the prevailing IT security trends over the past year. As longstanding practices like frequent password changes have fallen out of favor, professionals are discussing other ways to keep passwords safe in an environment with an ever-increasing number of security threats. In 2020, password security involves a combination of secure passwords and best practices to protect those passwords from unwanted exposure.
Managed security services can prove valuable for healthcare organizations striving for improved IT network security and password systems. These professional services deliver increased security across a network and help companies satisfy HIPAA’s stringent requirements. With a managed security service provider (MSSP), healthcare organizations can retain their operational efficiency while enjoying better intrusion detection and security protection.
RJ Young is an experienced security provider for companies in the healthcare industry. Start a conversation with RJ Young to discover how they can help secure your network.
The learning experience is becoming richer and more dynamic, thanks to tools like interactive whiteboards in the classroom. Their steady introduction into classrooms across the country is part of a greater tide that is changing the nature of education. Education technology, or EdTech, helps campuses rethink the way teachers present their lessons to create more effective learning opportunities for students.
Interactive whiteboards are already popular in the business world. There, they are driving collaboration, engagement, and new levels of productivity among teams. Interactive whiteboards benefit both lower and higher education establishments in countless ways.
Enrich the Learning Experience with Interactive Whiteboards in the Classroom
The days of blackboards are long gone. Even the era of dry erase boards is coming to an end. Interactive whiteboards are fundamentally changing what education looks like in the 21st century. Case studies like that of Promise Academy show that interactive whiteboards enhance a student’s learning experience significantly. A classroom equipped with an interactive whiteboard can:
1. Accommodate Multiple Learning Styles
Education has overwhelmingly favored a particular learning style, putting many others at a disadvantage. An interactive whiteboard helps students learn in a way that best suits them. The many apps available to these devices allow learning in multiple styles. Audio, visual, and kinetic learners can watch and listen to material or even follow along on their own synced devices in real-time.
Materials can be easily modified to be accessible for both students and teachers. For example, users can increase the text size or color on an interactive whiteboard to help with visual challenges and access the material in a format that works best for them.
2. Encourage Student Engagement
Interactivity has been well studied across many industries, including education. This 2019 study showed that interactivity, engagement, and student performance are positively linked in a classroom environment. The more interactive the lesson, the more likely that students will engage with and learn the material effectively.
If the use of technology does not get students’ attention, then the interactivity will. Interactive whiteboards inspire student engagement in several ways. For example, interactive whiteboards can:
- Support styluses that allow students to write, draw, and edit directly on the screen making it simple for students to interact during a lesson
- Foster real-time collaboration and idea-sharing in a digital environment within the classroom or offsite location
- Leverage interactive apps to illustrate concepts and further teach interactive lessons
3. Reduce Classroom Costs
Budgeting for schools can be tough, and teachers are often asked to do more with less to maintain a strict budget. However, that can result in sacrificing education quality, causing everyone to suffer.
In contrast, a thoughtfully placed interactive whiteboard in a major lecture hall or critical classroom can help reduce operating expenses. With digital solutions, an educational institution will spend less money on papers, printing, or supplies for a lesson. Likewise, interactive whiteboards come loaded with numerous apps plus access to an app library. Rather than paying costly subscriptions to digital education resources, teachers can use these free apps to build their lessons. That means less time fretting over money spent and more time spent on teaching.
4. Digitize the Lessons
The world is speeding towards a hyperconnected, digital environment where information and resources are available on demand. However, schools have notoriously lagged in technology, but interactive whiteboards can help bridge this gap.
With an interactive whiteboard, a teacher can effortlessly digitize lessons to make them easier for students to follow along on their own devices. Materials can be uploaded to cloud storage, where these interactive lessons are always accessible. Together, a more centralized and streamlined learning environment is created, where students can rapidly ask questions and access the answers they need in real-time.
5. Improve Student Career Preparation
According to the Brookings Institute, at least 40 percent of all career fields require “medium digital skills.” These workers need to be comfortable navigating digital technology. Likewise, between 2002 and 2016, the number of careers requiring advanced digital knowledge rose from 5 percent to 23 percent.
Today’s students will be expected to have full familiarity with modern digital tools when they reach their careers. An interactive whiteboard can be one of the many tools that helps a student gain that critical familiarity required to prepare them for the future.
Introducing Ricoh Interactive Whiteboards with RJ Young
Interactive whiteboards in the classroom deliver many significant benefits for both higher and lower education. It is a modern touch capable of inspiring engagement, excitement, and inclusivity for students with different learning processes. As schools look for ways to bring the learning environment into the future, many are turning to interactive digital solutions like interactive whiteboards.
These modern, sleek, and powerful devices enhance education quality and send a strong message about an institution’s commitment to preparing its students for the future. Available in a variety of sizes from 21.5” to 86”, RJ Young offers a size to fit whatever your specific needs are no matter the size of the establishment. Thinking about putting interactive whiteboards in the classroom? RJ Young can help!
RJ Young is pleased to partner with Ricoh to offer some of the most advanced interactive whiteboards available. Contact RJ Young today to discuss if an interactive whiteboard is right for you.
Every day, more advanced technologies emerge across the business landscape. They bring innovation and disruption that continues to power growth. Over the past few years, cloud service providers have helped businesses transform their wide ranging processes. Cloud solutions are a robust industry that has quickly matured and became mainstream.
Cloud services provide access to powerful capabilities once outside the reach of most small companies.
The State of Cloud Services in 2020
More opportunities exist for companies in every industry to use the cloud. The value of these flexible, scalable solutions is well-known. Many businesses are turning to them to stay lean and competitive.
According to Emergent Research and Intuit, some 80 percent of US small businesses will deploy cloud computing this year.
In 2019, several new and exciting cloud computing services hit the market. Many of these have drawn from existing cloud solutions, refining and expanding them for more specific business needs. In 2020, expect to see cloud-based:
- Infrastructure-as-a-service (IaaS): Cloud services work well alongside outsourced hardware or network components. They also deliver software or other capabilities while keeping business infrastructure lightweight.
- “Work from home” cloud-based businesses: With cloud computing, working from home is easier for small businesses. Cloud solutions make access to business tools easy to use and eliminate the need for physical business locations, helping small businesses reduce their budgets.
- Data privacy law optimization: Data privacy is becoming more critical than ever. Governments like the European Union and states like California are enacting sweeping privacy laws and regulations. Cloud computing is poised to provide the data processing infrastructure that companies need to comply with.
How Cloud Service Providers Support Modern Businesses
Businesses – especially small ones – have turned to cloud computing over the years because it’s a cost-effective way to access computing power. In many ways, cloud services have leveled the competitive playing field, allowing smaller companies to compete with their larger rivals. In 2020, cloud services will continue to support modern businesses in many different ways.
1. Empowers Businesses to Move Faster
With the rise of cloud computing services such as IaaS, platform-as-a-service (PaaS), and software-as-a-service (SaaS), a business’ infrastructure has begun to move quicker. Many cloud service providers now deliver everything a company needs without investing in expensive hardware and software licenses. Instead, companies pay a subscription to a cloud service provider and acquire flexible, scalable solutions.
While the business benefits from the lightweight nature of cloud services, the cloud service provider takes on the IT tasks that would otherwise slow down a business. Hardware maintenance, software patching, and updates all get done behind the scenes. Companies spend less time fiddling with technology and more time undertaking operations that make the business thrive.
2. Drives Collaboration and Innovation
The cloud has long been known for its ability to inspire collaboration within a company. With a cloud storage service, employees can access all the information they need while working on projects. They can update the central repository to keep everyone in the loop. The cloud helps keep their information secure but accessible, helping projects stay on track no matter where the team members are located.
3. Increases Security
Cloud services have become so popular in part because cloud storage is much more secure than an onsite server. Even if a device is stolen or a physical building damaged, a company’s data will remain safely stored within the cloud. It cannot be corrupted, lost, or compromised due to an onsite disaster.
Likewise, cloud technology is more difficult for hackers to access. As a result, Gartner expects cloud storage to be one of the most popular options for small business data security. Cloud storage can mitigate the impacts of phishing, ransomware, and other tactics that gained prominence in 2019.
Modernize the Business With Managed Services From RJ Young
Cloud solutions are not just popular; they’re becoming vital to business success. In 2020, cloud service providers will continue to expand their offerings. Small businesses will have more options than ever before to drive operational efficiency with computing power.
With the vast majority of businesses expected to adopt cloud solutions this year, forward-thinking companies must consider what this technological revolution means for them. Adapting to the prevalence of cloud based solutions means staying modern, relevant, and competitive.
RJ Young helps companies achieve streamlined processes with advanced technology like cloud based solutions. Start a conversation with an RJ Young specialist today to discuss what cloud solutions can do for your small business.
Workflow automation creates the cornerstone of office efficiency. In 2020, it is expected to continue being a trending topic as organizations look to make their processes leaner and of higher impact.
Many people are familiar with things like document management solutions and how automation applies to document processes. However, workflow automation software is a smart move for many business processes, not just document management.
Think about all the ways office processes can be optimized, such as removing redundant steps in the workflow or automating approval processes. Whether you are working towards a 2020 resolution or an ongoing goal, read on to learn about the best practices for workflow automation, and how best to leverage it to help a business thrive.
Where to Use Workflow Automation to Drive Achievement in an Office
Workflow automation, also known as business process automation, uses software to automate business processes. It is one way that companies cut down on the amount of menial labor done by employees so they can focus on higher-value initiatives that require human expertise. When deployed thoughtfully, with a strategic goal in mind, workflow automation can be a powerful tool to streamline office processes.
However, not every business process works well with automation. To determine what to automate, use the Rule of Three.
Decide What to Automate with the Rule of 3: Repetitive, Recurring, Rules-Based
Processes that are repetitive, recurring, and rules-based benefit the most from automation. These processes often constitute the bedrock of business functions and are sensitive to human error. Yet, they take up time and labor better spent elsewhere.
Some examples of business processes that fall under one or all three rules include:
- Data entry and extraction: Pulling out addresses from invoices, identifying keywords in a resume, or converting written forms to electronic data all benefit from automation. Artificial intelligence (AI) combined with optical character recognition (OCR), can take over these time-consuming tasks giving employees more time to focus on important assignments that need human expertise.
- Approval processes: Many business processes require signoffs from certain people. Algorithms can automatically determine if specific tasks have been completed with a document or project and send approval notifications to the right people.
- Accounts receivables: From automatic invoicing to purchase order matching, automation can eliminate many of the rote processes associated with payments and accounts.
Best Practices for Workflow Automation in 2020
Dozens of automation tools are readily available to organizations. This can make workflow automation seem overwhelming or encourage an overengineered strategy that automates too many processes. Be smart with automation in 2020 by choosing a managed service provider as well as deploying these best practices:
1. Start Small but With the Big Picture in Mind
It is not necessary to automate everything – in fact, it might not even be a good idea. Instead, roll out automation in stages so that critical processes do not get disrupted, bottlenecked, or stopped. Consider how automation in one area can affect processes in another area and adapt accordingly.
2. Understand Workflow Automation Terminology
Like most technological solutions, the jumble of buzzwords and jargon can get confusing. Workflow automation generally refers to the processes that are automated in the workflow, but terms like business process automation and robotic process automation may also appear.
- Business process automation (BPA): Refers to an overarching workflow solutions strategy that increases productivity by automating the steps a business needs to conduct its core functions.
- Robotic process automation (RPA): Refers to the use of solutions that automate highly repetitive tasks and standardized processes.
Understanding these differences will save time and frustration.
3. Conduct a Process Assessment
Conduct a thorough assessment of the organization’s processes before making any adjustments or deploying automation. A document management or business process expert can help by pointing out blind spots or opportunities for improvement that the company may not have considered.
Examples of these blind spots include things such as a lack of secure options for sharing documents (relying instead on email attachments), or poor configurations for synchronized cloud storage.
4. Define Specific Automation Goals
Workflow automation provides the highest value when deployed with a specific goal in mind. Start by trying to automate just one or two processes known for causing bottlenecks in a workflow.
For example, if approval signoffs regularly go unattended, consider automating these notifications so they do not get missed.
5. Create a Workflow Plan or Map
This can be written or visual, but every workflow needs a map. Sometimes even the simplest workflows can become complicated when thinking about the multiple steps and approvals involved. This map will help identify if the workflow is working and illuminate instances when it “breaks.”
6. Have a Backup Plan
Technology is not infallible, and technical glitches may cause errors or problems from time to time. Therefore, when deploying workflow automation solutions, make sure to have a backup plan that allows for human intervention without stopping processes.
For example, a power outage could shut down the whole system which is why it is necessary to have a backup plan that involves people handling the automated tasks when an office cannot rely on automation.
Automate Document Management to Save Time and Costs
Many document management solutions utilize automation to significantly improve efficiency and productivity within an office. This powerful software not only automates steps like document capture, archival, and retrieval but can integrate with other valuable enterprise software to enhance automation across an organization.
For example, some document management software can integrate with the software found on multifunction printers to create backups or transmit documents that are scanned or printed.
Likewise, document management solutions help an office move away from slow, bulky paper documents. By transforming paper records into electronic documents, they become easier to manage, work with, and access to make rapid business decisions.
RJ Young Helps Companies Achieve Operational Efficiency with Workflow Automation
Workflow automation represents a powerful strategy that many companies deploy to keep their operations streamlined and efficient. Through the thoughtful application of automation in critical areas, employees spend less time managing mundane, routine tasks and more time handling situations that require a human touch.
In 2020, workflow automation is a trending topic – one that every business must consider staying current.
RJ Young helps companies achieve operational efficiency through the strategic deployment of automation. Contact RJ Young today to get started.
About REN Dermatology
REN Dermatology is a dermatologist office that focuses on both medical and cosmetic dermatology. Since 2013, REN Dermatology has been offering a wide variety of services to clients in the Middle Tennessee area. RJ Young partnered with REN Dermatology to implement a medical office managed IT strategy for their specific needs.
REN Dermatology partners with RJ Young to ensure that they maintain reliable daily operations for their business. RJ Young works to make sure REN Dermatology’s network is secure and HIPAA compliant.
They make you feel like you are their only customer and that’s the way you should be feeling.Kara Ballard, REN Dermatology
Identifying The Problem
Areas of Improvement
The biggest issue REN Dermatology faced was the uncertainty surrounding their network and technology. After submitting trouble tickets to their previous vendor, they had no way of tracking the vendor’s progress. This made it very difficult for REN Dermatology to know if they were meeting HIPAA regulations. Additionally, staff members wasted valuable time following up with the IT provider on a regular basis.
Creating a Solution
Creating a Managed IT Strategy
In order to help REN Dermatology maintain a secure and compliant network, RJ Young provides Managed IT Services for a fixed-monthly fee. Utilizing over 25 years of experience, RJ Young’s Managed IT Services developed a custom plan for REN Dermatology that would support long-term growth and innovation, while ensuring HIPAA compliance.
How RJ Young Implemented the Strategy
RJ Young’s Managed IT Services let REN Dermatology rest assured that their network and technology are being cared for correctly. RJ Young’s Help Desk allows REN Dermatology to monitor the status of a project,
so they can rest assured that all of their IT needs are being handled quickly and with care. Around the clock monitoring ensures that REN Dermatology’s network is secure and meets the IT regulations set forth by HIPAA.
The fixed-monthly fee gives REN Dermatology the ability to have a set budget for their IT services, so they never have to worry about unexpected costs. Having reliable service and consistent payments allows REN Dermatology to spend less time worrying about their network and spend more time on their practice.
Learn More About the Case Study: Medical Office Managed IT Services Featuring REN Dermatology
Contact an expert at RJ Young today to learn how Managed IT Servcies can help your organization.
Check out RJ Young’s other Customer Case Studies and Testimonials.
A cyber security breach is stressful, terrifying, and can be incredibly damaging to a business. However, it is also a reality for companies of all sizes, ages, and industries. Understanding how, where, when, and why a breach occurs can go a long way to preventing a successful breach from exposing sensitive data, personal information, and consumer information. According to IBM Security, the average total cost of a data breach is $3.92 million.
It is the age of cybercrime, and attacks on businesses across the board continue to rise.
Cyber Security Breaches are at an All-Time High
Cyber security breaches are at an all-time high and show no signs of slowing down. Many of the IT security trends from 2018 remain prominent, but there are also new features arising in the security landscape, helping to fuel the ongoing epidemic. These include:
1. The Rise of Novel Cyber Attack Tactics
2018 saw the rise of novel forms of attack such as cryptojacking and ransomware attacks, and 2019 and 2020 continue that trend. According to Symantec, there are several new types of cyber attacks that are becoming more popular.
This year has seen an increase in:
- Formjacking. In this form of digital credit card skimming, criminals inject malicious code onto an e-commerce website that steals credit card information.
- Living off the land attacks (LotL). As open-source and cloud-based software becomes more prevalent, LotL attacks are on the rise. These attacks use off-the-shelf software to hack a site or computer in the hopes that the network activity will look like a legitimate operation. Several of the largest attacks in 2019 constituted LoTL attacks.
2. More Clever Spins on Tried-and-True Methods
Cisco reveals that phishing emails have remained as popular as ever. Hackers are not afraid to find new ways to leverage this age-old trick. Because of this, the average employee now has to look out for much more than spoof emails.
Among the many new, ingenious phishing schemes were:
- Business email compromise (BEC). In a BEC attack, a hacker spoofs an email from a manager or CEO, requesting an employee to carry out some business function, task or disclose certain sensitive information.
- Invoice Trojan horses. Instead of trying to convince an employee to log into a suspicious link via email, some phishers embed malware into a document that looks like an invoice an employee might be expected in hopes they will open it.
3. Criminals Are Looking Beyond Obvious Targets
Businesses large and small are facing cyber security threats. Moreover, the latter is becoming an increasingly popular target because they are likely to be unprepared for such an attack. However, hackers are looking even beyond the smallest businesses and startups. Even utility companies like the Tennessee Valley Authority are finding it critical to develop robust cyber defenses.
The Impact of a Breach to a Business
A 2018 report by the U.S. government estimates that cyber security breaches cost the US economy between $57 and 109 billion annually – a number that is only growing. Companies typically sustain significant financial losses in the form of containment expenses, downtime, fines, and lost business.
However, these immediate financial consequences are often only the tip of the iceberg. Other impacts which a company might experience include:
- Loss of or damage to business data. Losing business data can affect a company’s ability to operate. For example, consider the epidemic of ransomware attacks that continue to hit government offices. By locking up municipal data, offices cannot perform any of their normal business functions that make the local government-run. As a result, the attack becomes incredibly valuable to criminals seeking a ransom.
- Loss of consumer trust and business reputation. A data breach in a business is typically accompanied by a backlash from consumers, who are often the ones to bear the brunt of consequences from a cyber security breach. When personal data has been exposed or stolen, customers feel betrayed. Reputation loss after a cyber attack can also make it hard to find new customers.
- Long-lasting financial repercussions. The 2019 cyber security report sponsored by IBM has an alarming new statistic. As many as 11% of businesses report financial implications – lost revenue or increased expenses – for as long as three years following a cyber security breach.
In a recent global study by Gemalto, they surveyed 10,000 individuals and 70% claimed they would stop doing business with a company that had experienced a data breach. While large companies may be able to absorb the loss of customers that results, for small to medium businesses, reputation damage and loss of customers can prove devastating. With that being said, a cyber security breach could have a detrimental impact on your business.
Why Deploy Managed IT Services to Secure Your Network
With only 34% of security professionals feeling confident in their company’s cyber security strategy, many companies are looking for viable ways to improve security without draining their IT budget. Managed IT services are one such way in which companies can accomplish this goal.
Managed IT services:
- Deliver network security without any missed endpoints or weak spots. Cybercriminals exploit weak spots in a company’s security infrastructure, such as unsecured printers or shadow IT. Managed IT providers are explicitly trained to look for these things.
- Ensure faster discovery and response time for breaches. IBM estimates that the average company takes 279 days to identify and contain a breach. With a managed service provider, that time is cut down, reducing the opportunity for data exposure and data leaks.
- Deliver expert security for less than in-house acquisition. Managed IT services are a convenient, affordable way to access best-in-class security infrastructure that is tailored to an organization’s needs.
Let RJ Young Help Protect Your Business from a Cyber Security Breach
Every business is at risk for a cyber security breach, therefore a business should always be prepared to deal with one. The type of cyber security breach, your industry, location, and organizations’ structure are all factors of how long it takes to identify and contain a data breach. The average time to contain a breach is 279 days, according to Ponemon Institute.
By enlisting the help of a seasoned team of security experts from RJ Young, companies can stay a step ahead of hackers and avoid the harmful consequences of a security breach.
Contact RJ Young today to discuss your cyber security challenges.