Part 1 of an interview with Ricoh Danielson, Information Security Expert

Ricoh Danielson is an impressive guy. From his time serving as a US Army Combat soldier in Iraq, to becoming a legal advocate for veterans in their battle to receive PTSD treatment; then later developing his security expertise in digital forensics for law enforcement and the military, Ricoh has dedicated himself to a singular passion: protecting others.

Now a leader in Information Security, Ricoh has turned his sights on healthcare – an industry frequently targeted for cyber attack. It was a privilege to speak with him recently about how healthcare organizations can improve their critical security posture, and specifically, the need for penetration testing – a practice that fits in well with a comprehensive, HIPAA compliance program:

You like saving everything to your hard drive – it’s what you do. Then your laptop or tablet gets lifted, right out of your car.  

Sure, you thought it was safer to have sensitive information under your own watchful eye – except when it was on your car seat, while you went to the 7-11 to get gum. (Expensive gum!)  

Then again, computer hard drives have been stolen right out of offices, and cell phones with private health data have fallen into the wrong hands, leading to serious breaches. Which brings up a question:

Is sensitive data – such as Protected Health Information (PHI) that passes through your Office 365 apps and remains on your hard drive – really safer than in the cloud?

“Have you seen the video?” It’s a query for a connected world, bringing the world up close. From cell phones to visual doorbells – even police body cams – video helps tell a story – and maybe solve a crime. 

Now imagine this crime is an attempt to steal your company data, or disable your website. It might even be your employee (61% of IT leaders do believe their employees maliciously put their sensitive data at risk, according to a 2019 survey), or one of your contractors.

Chances are, there won’t be a video; however if a digital record of system events exists, then you’re in business. With these logs, crucial questions can now be answered: Who accessed the system? How was a breach attempted? What was the extent of the damage, if any? Armed with this data, audit logs help you stay proactive, able to track and possibly prevent future malicious activity.

One of the clear lessons of our recent pandemic has been that an invisible virus can do great harm to a body, if only given a “portal” through which to enter. The “attack vectors” are varied, if not deceptive: airborne, on surfaces, and even by those who show no symptoms.

Fortunately, we’ve learned firsthand how the vigilant use of protections – while not a guarantee – does help limit transmission, keeping us and our communities safer.

Note: It’s National Hospital Week, celebrating hospitals, health systems and health care workers. This year’s theme: “A Week of Thanks.” 

With that in mind, and especially during these trying times, we wanted to take a few weeks away from our series on HIPAA Plugins for WordPress to mention the important contributions of our own Terri Vidals and the Los Angeles Surge Hospital – a new, “Covid-19 Only” hospital fighting to stem the tide of the novel coronavirus. You can read part-1 here. 

Note: We’re taking a few weeks away from our series on HIPAA Plugins for WordPress to mention the important contributions of our own Terri Vidals and the Los Angeles Surge Center, a new Covid-19 – only hospital fighting to stem the tide of the novel coronavirus.

A well-known movie line exclaims, “What we have here is a failure to communicate.” All Hollywood drama aside, we know how poor communications can complicate relationships. 

When it comes to healthcare, however, the stakes can be even higher: misdiagnosis, delayed treatments, or even worse. Malicious cyber attacks that may damage the integrity and availability of your data only add to the threat.    

Collaboration and teamwork – they’re key to what you do. For healthcare teams especially, the excellent care you provide wouldn’t be accomplished without them. 

For numerous clinics and counselors, surgeons and specialists, Google’s powerful suite of collaborative services – from Gmail to Hangouts, to Calendar and Sheets – offers the anywhere, real-time connections necessary to promote efficient outcomes. They really do make life easier. 

In the wake of the Covid-19 pandemic, remote health services and telemedicine technologies – already in operation in many places – are now in high demand. 

With critical isolation and quarantine protocols now impacting non-emergent, in-person exams, the need is great for health providers to adopt effective consultation alternatives. As a result, some telemedicine companies are now undergoing a rapid expansion of services.

Are Google Servers HIPAA Compliant?

Innovative healthcare technology providers, including developers of telemedicine apps for virtual consults, rely on site responsiveness and high data availability to facilitate patient care.

Before choosing the cloud, these important technology providers will often ask if Google servers can meet the tests for HIPAA compliance; in other words, will they ensure the confidentiality, integrity, and high data availability required by the HIPAA Security Rule.