Employed Physicians: Risk Exposure Paradigm

Tim Bone, MedMal Direct Chief Claims Officer // April 21, 2017

Recent medical school graduates and seasoned providers are increasingly made aware of the option to work as hospital employees. Under this employment arrangement, it is important to consider professional liability exposure. From the purchase of a physician’s “tail” coverage to the choice of captive versus commercial coverage to the joint defense of a lawsuit, every component of this new risk exposure paradigm must be considered from the point of view of both the physician and the hospital.


Overlooking Risks Leads to Breach, $400,000 Settlement

April 10, 2017

Each day we hear more information on OCR investigations into HIPAA Privacy and Security breaches throughout the United States. Most of the settlements we learn about have come from self-reported breaches that occurred as much as 5 years ago, and the cases are just resolving. The case below emphasizes the need to do a thorough Security Risk Assessment to avoid a potential breach and maintain patient privacy. It also emphasizes that a risk management plan is part of what OCR looks for, which in this case could have mitigated the settlement amount had the practice done a thorough job. Consider doing an SRA or reviewing your current one today and updating it annually. Also, don’t forget to do an RCA (root cause analysis) after a breach or incident, which will aid in determining the probability of recurrence and the validity of current P&P.


Text Messaging and HIPAA

Michelle Bilsky, CHCO, LHRM, MLA, CBA // April 07, 2017

Text messaging has become popular in the health care field, permitting providers to multitask and to communicate more quickly than with phone calls. Despite these benefits, health care providers should be aware of the potential consequences under HIPAA and the HITECH Act (collectively, “HIPAA”) of permitting staff to text patient information. “Text messaging” encompasses any communication service or application that enables transmission of electronic written messages between two or more mobile devices.


FBI Warns Healthcare Industry About Anonymous FTP Server Cyber Attacks

Risk Management // March 29, 2017

Does your practice transfer files in order to share patient information or data? Do you use an FTP server?
FTP is an acronym for File Transfer Protocol. As the name suggests, FTP is used to transfer files between computers on a network. You can use FTP to exchange files between computer accounts, transfer files between an account and a desktop computer, or access online software archives.
If you do any of these things, you need to read the report below from the FBI on Cyber Crimes related to FTP servers.