Phishing is the fraudulent practice of sending e-mails or text messages claiming to be from reputable companies in order to persuade individuals to reveal personal information, such as passwords and credit card numbers. Scammers use e-mail or text messages to trick you into giving them your personal information, trying to steal your passwords, credit card account numbers, or Social Security numbers. If they get that information, they could gain access to your accounts. Scammers launch thousands of phishing attacks like these every day—and they are OFTEN successful!
The FBI Internet Crime Complaint Center reported that $57 million was lost to phishing schemes in one year. Scammers often update their tactics, but there are some signs that will help you recognize a phishing e-mail or text message.
How to Recognize Phishing Scams
First, phishing e-mails and text messages may look like they are from a company you know or trust. They may look like they are from a bank, a credit card company, a social networking site, an online payment website, or an app or online store. Phishing e-mails and text messages often tell a story to trick you into clicking on a link or opening an attachment.
Say they have noticed some “suspicious activity or log-in attempts”
Claim there is a problem with your account or your payment information
Say you “must confirm some personal information”
Include a fake invoice
Want you to click on a link to make a payment
Say you are “eligible to register for a government refund”
Offer a coupon for free stuff
What are the Signs of a Scam?
The e-mail says your account is “on hold because of a billing problem.“
The e-mail has a generic greeting, “Hi Dear.” (If you have an account with the business, it probably would not use a generic greeting like this).
The e-mail invites you to click on a link to “update your payment details.”
Your e-mail spam filters may keep many phishing e-mails out of your inbox, BUT scammers are always trying to outsmart the spam filters. So, it is a good idea to add extra layers of protection.
Four Steps You Can Take Today
Protect your computer by using security software. Set the software to update automatically so it can deal with any new security threats.
Protect your mobile phone by setting software to update automatically. These updates could give you critical protection against security threats.
Protect your accounts by using multi-factor authentication. Some accounts offer extra security by requiring two or more credentials to log in to your account.
Protect your data by backing it up. You can copy your computer files to an external hard drive or cloud storage. Be sure to check with your IT department and designated Security Officer before copying data to other locations.
What to Do If You Suspect a Phishing Attack?
If you get an e-mail or a text message that asks you to click on a link or open an attachment, first answer this question: Do I have an account with the company or know the person that contacted me?
If the answer is “No,” it could be a phishing scam
If the answer is “Yes,” contact the company directly using a phone number or website you know is real, NOT the information in the e-mail. Attachments and links can install harmful malware.
If you think a scammer has your information, like your Social Security, credit card, or bank account number, go to IdentityTheft.gov. There you will see the specific steps to take based on the information that you lost.
If you think you clicked on a link or opened an attachment that downloaded harmful software, update your computer’s security software. Then run a scan.
Finally, contact your Security Officer and IT Staff Immediately.
What Can I Do to Ensure This Doesn’t Happen?
One of EZClaim’s partners, Live Compliance, will make checking off your compliance requirements extremely simple. They have a service that is:
Completely online, our role-based courses make training easy for remote or in-office employees.
Contact-free, accurate Security Risk Assessments are conducted remotely. All devices are thoroughly analyzed regardless of location. Conducting an accurate and thorough Security Risk Assessment is not only required but is a useful tool to expose potential vulnerabilities.
Built directly into your portal, easily monitor where your workforce may be vulnerable with our Dark Web Breach Searches. Easily expose breach sources with ongoing searching of active employee email or domain ensuring continued awareness of potential breach exposure. Weekly automatic e-mail notifications if new breaches are discovered.
Informational, and has short, informative, privacy awareness videos covering technical, administrative, and physical safeguards with topics such as Ransomware, Phishing, the Dark Web, Password Protection, etc. Delivered monthly with no logins required, empower your workforce to make conscious decisions when it comes to your organization’s privacy and security.
So, don’t risk your company’s future and avoid phishing scams especially when Life Compliance is offering a FREE Organization Assessment to help determine your company’s status. Call them at 980.999.1585, e-mail them at Jim@LiveCompliance.com, or visit LiveCompliance.com. For more specific information, e-mail email@example.com
EZClaim is a medical billing and scheduling software company that provides a best-in-class product, with correspondingly exceptional service and support. Combined, they help improve medical billing revenues. To learn more, visitEZClaim’s website,e-mail them, or call them today at 877.650.0904.
[ Article contributed by Jim Johnson of Live Compliance | Photo Credit: Shutterstock ]
There are a few HIPAA items to focus on RIGHT NOW—before the end of 2020!
The U.S. Department of Health and Human Services (HHS) has designated the “Health Insurance Portability and Accountability Act” (HIPAA) as the national standard for protecting the privacy and security of health information (in 1996). This led to the Health Information Technology for Economic and Clinical Health Act (HITECH), which has a provision in it for audits, and the HHS Office for Civil Rights is responsible for carrying out HIPAA audits, and responding to complaints and breaches. Ignoring them is not an option!
A Risk Assessment IS NOT Enough A risk assessment is only one element of the compliance process. You must also “implement security updates as necessary and correct identified security deficiencies.” In other words, you must act via a Corrective Action Plan (CAP) and follow the required risk assessment process.
Dark Web It is no secret that the “Dark Web” is a scary place to lose your information. So, what if it did happen and affected your entire company? Identity thieves get anywhere from $1-$1,000 for medical records, for each instance! So, how can you protect yourself and/or your organization?
Well, data breaches are becoming more common—sometimes which are out of your control—so carefully monitoring where you store and enter your passwords can be extremely beneficial to help minimize the risk of a hack and keeping personal or patient information protected.
One solution for this is the automatic Dark Web monitoring built into the portal of one of EZClaim’s partners, Live Compliance. Their solution helps keep an ‘eye’ on employees whose information was involved in a breach, and suggests next steps to take where the breach was found. Then, it allows your to conduct an accurate and thorough Security Risk Assessment. This is not only required, but is a useful tool to expose potential vulnerabilities, including those that involve password protection.
So, what can I do to ensure this doesn’t happen to me or my organization? Well, Live Compliance makes checking off your compliance requirements extremely simple by providing:
● Reliable and effective compliance
● Completely online, our role-based courses make training easy for remote or in-office employees
● Contact-free, accurate Security Risk Assessments are conducted remotely. All devices are thoroughly analyzed regardless of location.
● Policies and procedures are curated to fit your organization, ensuring employees are updated on all workstation use and security safeguards in the office, or out. It is updated in real time.
● An electronic document is sent to employees and business associates
So, don’t risk your company’s future, especially when Live Compliance offers a FREE Organization Assessment to help determine your company’s status.
[ Article provided by Jim Johnson of Live Compliance ].
ABOUT EZCLAIM: EZClaim is a medical billing and scheduling software company that provides a best-in-class product, with correspondingly exceptional service and support. Combined, they help improve medical billing revenues. To learn more, visit EZClaim’s website, e-mail them, or call a representative today at 877.650.0904.
It IS POSSIBLE to improve medical billing revenues, and here are a few ways to do just that.
Healthcare practitioners, whether established or just starting out, have many overwhelming tasks: Managing a practice; Seeing patients; Working to staying up-to-date on administrative tasks; The whole host of compliance at the federal, state, and local level; and Overseeing the billing.
One of these that can lead to loss of revenue is not properly managing the medical billing, which can also lead to HIPAA fines and rejected claims. However, there is a solution: a medical billing system that balances the budget and optimizes revenues of medical practice.
EZClaim, an expert in the medical billing software market since 1997, provides a solution that improves the efficiency of an office’s billing process in many ways. The following are the primary reasons.
Reduce Coding Errors Medical procedures become codes, codes become claims, and claims become revenue. Any error in this process can make claims to be denied, your workload can be increased, and revenue can be lost. To help in avoiding errors, it is essential to use billing software that offers the easiest implementation and access to descriptive diagnosis and treatment codes. EZClaim’s medical billing solution offers ease-of-use in coding, billing, and strong partnerships with Clearinghouses which act as an additional ‘safety net’ for catching errors.
Administrative Support Most medical practices are a small team of people tackling a wide range of tasks, so when one cannot understand the function of the billing software, accessing reliable support is very important. EZClaim prides itself on having dedicated support experts available, and that was how the company was established. Founder and President Al Nagy has said, since day one, “We are a support company that happens to sell medical billing software.”
Maintain Industry Compliance It is important to recognize that industry compliance and a practice’s revenue go hand-in-hand. Filing and batching inaccurate and non-HIPAA compliant claims can often be traced back to an outdated healthcare revenue management system. Conquering these tasks requires a focus on multiple fronts: A properly trained billing team, clear office procedures, patient payment policies, and a reliable medical billing company. These are all ways to help buttress against non-compliance and rejected claims.
Streamline Workflow Recently, a study was done that showed almost 80% of medical bills contain errors. These incorrect medical claims often end up as lost revenue originally, not to mention the additional cost of resubmissions and collections. One of the best ways to resolve this problem for your practice is to make use of both well-trained, experienced billers and coders, combined with a competent medical billing solution that aids in catching these errors. EZClaim software features a library of standard validation, the ability to add custom validation, and integrates with Alpha II for full claim scrubbing.
Follow up Errors will and do occur, so establishing a system for follow-up on all denials will close the loop and protect against lost revenue. Being consistent with the follow-up process, and having a medical billing solution that tracks these things will help close that gap.
Collections Finally, probably the most important aspect that optimizes a practice’s revenue is to get paid. Portals and payment collection systems definitely help with this, but having collections integrated into the medical billing system is, of course, the best. EZClaim has pain-free payment processing integrated into their solution, called EZClaimPay. It solves all the problems associated with payment processing: Bank deposits, reconciliation, statements, changing fees, and ‘finger-pointing’ when there is a problem. EZClaimPay’s robust platform will greatly increase a practice’s collections success, and improve their revenue.
ABOUT EZCLAIM: EZClaim is a medical billing and scheduling software company that provides a best-in-class product, with correspondingly exceptional service and support, and can help improve medical billing revenues. To learn more, visit their website, e-mail them at firstname.lastname@example.org, or call a representative today at 877.650.0904.
In an effort to make the HIPAA Privacy Rule as easy to understand as possible, the Office for Civil Rights (OCR) has come up with a list of rules that clearly explain what Business Associates are now “directly liable” for. As OCR Director Roger Severino explains, “We want to make it as easy as possible for regulated entities to understand, and comply with, their obligations under the law.” The list consists of ten rules that, if failed to follow, can result in penalties and monetary fines.
[ Note: Check out our previous post to access this list ].
As we enter the fourth quarter of the year, you may be wondering what immediate requirements should a Business Associate complete before the end of the year?
One of the most important rules also includes information about Business Associates, and their need for proof of satisfactory assurance when the covered entity requests this of them. Satisfactory assurance is crucial, because it ensures the Business Associate is HIPAA compliant, and therefore, must also be in the form of a contract.
The Satisfactory Assurance contract is oftentimes outlined in the form of a questionnaire, and requires the Business Associate to disclose the date of completion for various compliance requirements.
These include distribution and completion of workforce HIPAA training, implementation and distribution of policies and procedures, Business Associate documentation, and completion of an annual HIPAA Security Risk Assessment.
Are You Prepared?:
If a Covered Entity requests this proof from your organization, would you be able to successfully complete it without outdated completion?
If you are uncertain that your organization would be able to easily and efficiently provide that documentation, you may be facing thousands of dollars in fines for each vulnerability!
HIPAA Compliance Myths:
False: The security risk analysis is optional for small providers: All providers who are “Covered Entities” under HIPAA are required to perform a risk analysis. In addition, all providers who want to receive MU, and MIPS incentive payments must conduct a risk analysis.
False: Our office uses the Cloud, so we don’t need a risk assessment: Even if you have a fully HIPAA compliant cloud vendor, your patient data (ePHI and PII) still must go through all your systems to get to the cloud. So, you are still required to perform technical, administrative, and physical security risk analyses.
False: Our EHR makes us compliant, so we’re fine: While your EHR may provide excellent privacy and security features, it definitely doesn’t exempt you from the HIPAA security requirements.
Live Compliance helps their clients meet the ever changing and complex HIPAA State and Federal regulations. They protect the information they are entrusted with, and ensure their clients pass any Health and Human Services audits. If you are unsure or need assistance, call Jim Johnson with Live Compliance at (980) 999-1585.
Live Compliance is a partner of EZClaim, a medical billing software company. For more details about their solutions, visit their website at ezclaim.com.
So, what’s the best path for HIPAA Compliance? It’s risk analysis.
The HIPAA Security Rule requires covered entities and business associates to ensure the confidentiality, integrity, and availability of all electronic protected health information (ePHI) that it creates, receives, maintains, or transmits.
Conducting a risk analysis—which is an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of the ePHI held by an organization—is not only a Security Rule requirement, but is also fundamental to identifying and implementing safeguards that comply with and carry out the Security Rule standards and implementation specifications.
However, despite this long-standing HIPAA requirement, OCR investigations frequently find that organizations lack sufficient understanding of where all of the ePHI entrusted to their care is located.
Although the Security Rule does not require it, creating and maintaining an up-to-date, information technology (IT) asset inventory could be a useful tool in assisting in the development of a comprehensive, enterprise-wide risk analysis, to help organizations understand all of the places that ePHI may be stored within their environment, and improve their HIPAA Security Rule compliance.
How Can You Manage This at Your Organization? You can try to manage this by yourself, but it would probably be more efficient and superior in implementation if you used an expert. A partner of EZClaim, Live Compliance, is one of those experts. They can help you easily manage, maintain, and assign your hardware and technical inventory to remote or in-office employees.
Do You Have Additional Questions? If you have any questions about the best path for HIPPA compliance, contact Jim Johnson at Live Compliance (E-mail: email@example.com; Phone: (980) 999-1585).
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.