The bad news: the bad guys are getting smarter. The good news: so are we.

It can be the small, unintentional errors that expose valuable health data to data thieves.  Filling out social media quizzes that are actually gathering information about you—like your birth month or high school mascot. Holding your building door open for a delivery person with their hands full. Clicking on an urgent email request from a senior executive.

Small errors can lead to massive data breaches. Here’s how we help keep health data safe.

A company’s security is only as strong as their weakest link.  At Discovery Health Partners, we’ve earned certified status for information security by HITRUST for several of our technologies that drive the use of data across our solutions.

One of the parts of HITRUST compliance is user awareness training—reinforcing the procedures everyone needs to follow to ensure that our employees aren’t going to violate your health plan’s data.

Along with processes, tools and technology, we’ve implemented ongoing employee training:

  • Our employees are trained to understand how to handle data in any type of media—whether it’s in an email, a computer monitor, or a printed document
  • We have specific instructions on how to handle data at any point—including destruction of media
  • We’ve educated our team on the many social engineering tactics hackers use (Tips and tricks featured below)
  • We follow up this training with monitoring and reporting to ensure that these safe practices happen—and we can respond quickly if we discover a glitch
  • We also ensure our third-party providers protect your data with tight security protocols, monitoring, and training

While a company can have the latest cybersecurity technology in place, if someone in our building opens the door to let someone in—or clicks on a link in an email that seems to come from HR, they’ve just bypassed that technology.

So as the bad guys get better and smarter, it’s even more important for us to train our employees to be diligent and aware of the latest tricks.

As a recent report on healthcare data breaches reasonably pointed out—while people are a company’s most valuable asset, from a security point of view, they can also be its weakest link.

Learn more about HITRUST certification here.

Tips and tricks

Data breaches are often the result of social engineering, attempts to trick unsuspecting employees into handing over confidential or sensitive data. Social engineering plays on human nature and emotion to deceive someone into providing access to information or deviating from established security protocols. Here are some examples of social engineering and how you can help avoid falling for these attacks.

TIP Be careful on social media. Based on your social networking, hackers may already have a lot of information about you. They may know your name, where you work, your birthday, what position you hold.

TIP You get an email from HR asking you to click a link for an employee opinion survey. Before you click that link—verify the sender by hovering over the email address.

TIP Have at least three algorithms for your online passwords—one for your banking, one for your personal use and one only for work.

Juliet DeVriesThe bad news: the bad guys are getting smarter. The good news: so are we.
read more

Count on Discovery’s HITRUST-certified technologies to protect your health plan’s data

 

In the midst of HIPAA regulations and ongoing threats to healthcare data, health plans increasingly require their vendors and partners to demonstrate a strong commitment to patient and member data privacy and protection. As a provider of data-driven solutions for healthcare payers, Discovery Health Partners has stepped up to meet this demand with the achievement of HITRUST CSF® certification for its core technologies.HITRUST certification

The certification for our Discovery Case Manager, Dashboard and Reports, Secure File Transfer Protocol (SFTP), and Medicare Secondary Payer (MSP) technologies demonstrates that they have met key regulations and industry-defined requirements and are appropriately managing risk. These technologies drive the use of data across our solutions including Medicare Secondary Payer (MSP) Validation, Subrogation, and Coordination of Benefits:

  • Secure File Transfer Protocol: The technology that allows us to securely and quickly load and integrate data from multiple sources to help identify payment and revenue integrity opportunities.
  • Discovery Case Manager: Our core workflow software that is used to manage work in progress across all our solutions. This is the application that captures and stores information needed to support payment integrity processes and creates an audit trail to support tracking and compliance.
  • Dashboard and Reports: The technology that provides standard and custom reports that track key performance indicators and results across our solutions.
  • Medicare Secondary Payer: The application that is used to identify, validate, and track updates to CMS eligibility information and premium reconciliation for Medicare Advantage plans.

This achievement places Discovery in an elite group of organizations worldwide that have earned this certification. By including federal and state regulations, standards and frameworks, and incorporating a risk-based approach, the HITRUST CSF helps organizations address these challenges through a comprehensive and flexible framework of prescriptive and scalable security controls.

“In entrusting their data to us, our clients expect a highly secure environment. I am thrilled that we can demonstrate our commitment to meet their needs through our HITRUST CSF certification, the gold standard in our industry,” said Moe Alkhafaji, Discovery Health Partners’ Chief Information Officer.

He went on to explain that, “Our mission for strong information security does not stop with HITRUST certification. We will continue to evolve our tools as threats evolve, and will continue to drive for better policies and procedures that further safeguard our technology and our clients’ data.”

 

 

Discovery Health PartnersCount on Discovery’s HITRUST-certified technologies to protect your health plan’s data
read more