2009 Volume 1 Issue 8
October 16, 2009
Issue No. 1
In This Issue
BCBS's Security Breach
Data Security Tips
Quick Links
Help Us Help You!
If you haven't already, please take two minutes to complete our survey.  The results will help us serve you better by providing information on the services we provide.
Need for Speed
IPC is in the process of upgrading our internet connection.  This means clients who access our system remotely to use HealthPac and Scheduler will be seeing faster speeds soon!
Newsletter Archive
Want to read a back issue of IPC's newsletter?
 Click here! 

Many of you have received notices from BCBS of Michigan notifying you of an "unauthorized transfer of data."  Don't be too hard on BCBS's security breach. If you have PHI stored on your laptop or personal sensitive financial information, it could happen to you too unless you take added precautions.  Keep reading for more on the breach and how you can keep your information safe.
BCBS's Security Breach
LaptopAn unencrypted laptop was stolen from Blue Cross Blue Sheild's national office that contained all Blue Plans providers' names, addresses, Tax IDs, NPIs and social security numbers. Many of you print your Tax ID numbers on your encounter forms and your NPI is available online, it is only the release of your social security number that is of concern. On the black market a social security number is sold for less than a dollar. However when you consider the thousands of providers listed in the database, the black market value of these social security numbers are worth much more than the lost laptop. While there is no proof that this lost data has been wrongfully used, it is still prudent to take advantage of the 1-year free credit monitoring offered by BCBS. Be sure to use your activation code printed in your notification letter and enroll with ConsumerInfo.com before December 31st.
It is estimated that one in ten laptops will go missing sometime in their lifetime. Having your laptop password protected is not enough. Your best bet is to use encryption software to protect your laptop. This software is available as freeware and for purchase (usually under $200). Ask your IT expert what software would be best for you. The latest edition of Physicians Practice newsletter featured an excellent article on this.
Remember, the new Hi-Tech act does not require public notice requirements (i.e., alert the media) if data is encrypted. Be safe!
Data Security Advice From the Experts
The best way to protect secure data is to not store it on a laptop, but if you find it necessary, there are three main ways to secure your data. 
The first is to password protect the laptop. This option keeps the honest people honest, but will not protect the data. The hard drive can simply be removed and installed into another computer, rendering the password useless.
The second option is to encrypt files and folders. This can be done using many different ways. Microsoft Windows has offered a level of encryption built into their operating systems since Windows XP when they switched to the file system called NTFS. Encryption securely locks a file, folder, or drive so that only an authorized person can view it. The advantages are that there is no additional cost for the feature, and that it is VERY secure. The disadvantage to the built in is that if you should forget your password on a non-domain (controlled by a server) laptop, the data is unrecoverable. If the computer password is hacked, the computer may be usable, but the data is not recoverable.
There are several 3rd party options, such as PGP encryption, which serve similar functions, but act independently from your computer password. Some of these will allow you to setup a secondary person who can unlock the data, allowing for recovery even if one password is lost. Some of these applications are free, but most do have a cost. Many will work with biometric (thumbprint) readers.
The third and most secure method uses a combination of both password protection and encryption. Applications like "Folder-Password" will password protect a Folder or File and also encrypt the contents. At this level, you have a password to log onto the computer (ideally), and than a password to view the files which have been encrypted. This solution uses a much stronger encryption than the NTFS solution Again, some of these are free, while others do have a cost.
The best security is a security policy put in place by your system administrator. When that is not an option, encryption will keep you protected.
Jeff Irish
Sr. System Engineer
Troy Tech Services, Inc.
Troy Tech Services 
About Us
If you have any questions regarding this newsletter, you can contact us at:

         Mary Ellen Duffy
         Patricia Nevala pat@ipcbilling.com

or call us at 616-459-6867 or 800-606-1455

Please feel free to forward this newsletter to your staff and peers.

Forward to a Friend

Innovative Practice Concepts, LLC -- A full service medical billing company
Your Bottom Line is our Top Priority!