Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and HIPAA for FREE!!

EMRs May Be The Next Hacker’s Prize

Posted on December 14, 2012 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

Black-hat hackers are beginning, slowly but at an increasing pace, to lock down and encrypt medical data, then demand a ransom fee before they’ll turn over the data in usable form again.

While reports of such activity are scattered and few at the moment, my guess is that we’re at the beginning of a wave of such attacks, especially attacks targeting small medical practices with unsophisticated security set-ups.

Consider what happened recently to a clinic in Queensland, Australia.   Over one weekend, a server holding seven years of patient records was breached and the data encrypted with “military-grade” tools, according to blog Naked Security.

The attackers, who seem to be based in Eastern Europe or Russia, are demanding $4,000 AUD for the release of the records, the blog reports. The clinic is attempting to avoid paying by bringing in its own security experts, but the experts retained by the clinic are apparently fairly doubtful that they can break the encryption scheme.

Such attacks have begun to occur in the U.S. as well, all targeting smaller medical practices with minimal security support.  It’s little wonder that such practices are being targeted; even if they have decent, industry-standard firewalls, antivirus software and password-protected servers — as the Aussie clinic did — such protections are child’s play to defeat if you’re a professional cybercriminal who’s done this kind of thing many times before.

Even if the practice has tougher security in place than usual, how likely is it to have good security hygiene, such as frequently updated and patched firewalls and strong, regularly switched out passwords?  Without security staff on board, not too likely.

Given the devastating consequences that can occur if a medical practice is unable to regain its data, it seems to me that it’s time the entire healthcare industry take an interest in this problem. Smaller practices need help, and we’ve got to figure out how to make sure they get it.

Foursquare for Medical Practices

Posted on January 11, 2012 I Written By

John Lynn is the Founder of the blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of and John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

As most of you probably know, I’m a huge fan of technology and it’s also fair to say that I’m a pretty early adopter of social media. In fact, I’m sure that some of you think that I live on social media. I prefer to just say that I’m active in social media. Despite my love and participation in social media, I must admit that I’ve never really been able to get into the love of Foursquare.

For those that don’t know much about Foursquare, it’s an app on your phone where you can check in to specific locations and you can see which locations your friends, family and colleagues have checked into as well. As you check in, you get rewards for checking in and virtual awards such as badges. Plus, if you check in to a certain location enough times, then you become Mayor of that location. Foursquare is far from the only one in this space, but it is definitely the leader and the originator of the space. Although, don’t be surprised if Facebook Places doesn’t give them a good run for their money.

My personal problems with Foursquare is that at least on my cell phone it’s clunky to use, hard to understand and the data gets outdated so quickly that I don’t find it that useful. I’m sure that part of my problem with Foursquare is that I don’t have enough real friends and colleagues on there to really get the benefit of knowing what everyone’s doing and where they’re at. Yes, the idea of sharing and other people knowing this information is scary, but it turns out to be a really cool thing if done right. I know since I often learn where someone is at during a conference by seeing tweets from them.

Considering my lack of adoption of Foursquare, I was of course intrigued by this article talking about why medical practices should be on Foursquare. Here are the main reasons they offer:
1. It’s easy to use.
2. It’s big, and getting bigger.
3. It’s a search engine and a way of being found when people are looking for a doctor.
4. If you don’t claim your place, someone else is likely to do it for you.
5. It says your medical practice is social and tech savvy.

Obviously I disagree with the first one, but that might be my bias. Maybe it’s so easy to use that it’s useless to me. My bias aside, I actually agree with this article that a medical practice should take the 5 minutes it takes to get their practice listed on Foursquare. I’m not suggesting that a doctor or medical practice should become really active on Foursquare. Instead, I’m just saying they should sign up and claim their spot on Foursquare. Then, you get to control your listing as opposed to one of your patients which adds your office for you.

A comment in the above article makes a really good point too. If you want to be active in social media and reach the typical visitors to doctors offices that tend to skew female and older, you probably should be on Twitter and Facebook, not Foursquare. Yelp is another good recommendation for many cities. Lots more could be said about those three services. If people are interested, then we’ll cover those in future posts.