Honeypots--a sweet tool you can use to monitor snooping staff members
APCs Weekly Monitor, December 5, 2008
Want to receive articles like this one in your inbox? Subscribe to APCs Weekly Monitor!
It doesn’t matter whether a staff member peeks at the medical record of Tiger Woods, John McCain, your mayor, or your next-door neighbor—inappropriate access to medical information is a HIPAA violation.
The seriousness of this problem has led some hospitals and other HIPAA-covered entities to enhance their investigations. Instead of simply monitoring system access logs, they’re using honeypots as bait to catch snooping staff members. Honeypots, also referred to as honeynuts, are fictitious medical records that information technology staff monitors to determine whether anyone is accessing them.
If you already have strong security techniques in place, honeypots enhance your ability to monitor compliance. “This is frosting on the security cupcake,” says Gary Nichols, CISM, information security officer at Blue Cross Blue Shield (BCBS) of
To read the complete article, click here. Health Information Compliance Insider subscribers have free access to this article in the November issue via their online subscriptions.
Want to receive articles like this one in your inbox? Subscribe to APCs Weekly Monitor!
Comments
0 comments on “Honeypots--a sweet tool you can use to monitor snooping staff members ”
Related Products
-
Guide to HIPAA Auditing, Second Edition
This new edition of a best-selling book delivers the hands-on tools and guidance you need to conduct effective in-house...
-
The No-Hassle Guide to HIPAA Policies: A Privacy and Security Toolkit
HIPAA regulations require extensive documentation—likely more than you've done in the past. Changing the way you look...
-
The HIPAA and HITECH Toolkit
The HIPAA and HITECH Toolkit is a valuable resource that helps both CEs and BAs understand and meet the HITECH Act's...
-
HIPAA Handbook for Nutrition, Environmental Services, and Volunteer Staff:
Train all of your staff members with this handbook and others in the 2009 HIPAA Handbook Series. Ensure they understand...
-
HIPAA Handbook for Registration and Front Office Staff
Train all of your staff members with this handbook and others in the 2009 HIPAA Handbook Series. Ensure they understand...
Most Popular
- Articles
-
- Q/A: Volume requirement for reporting hydration services
- Featured blog post: Nurses face felony charges after reporting physician to the Texas Medical Board
- Catch up on what's new with injections and infusions
- Topic: CMS, OESS post new security compliance review information, checklist
- HIPAA Q&A: Level of encryption needed for email
- Identify potential Medicaid RAC target areas
- Capturing all necessary codes for IUD insertion and removal can be challenging
- What does case-mix index mean to you?
- QA:Coding multiple initial infusions
- OB services: Coding inside and outside of the package
- E-mailed
-
- Q/A: Volume requirement for reporting hydration services
- Featured blog post: Nurses face felony charges after reporting physician to the Texas Medical Board
- HIPAA Q&A: Level of encryption needed for email
- Q&A: Follow CMS' coding guidelines when using modifier -25
- Catch up on what's new with injections and infusions
- CMS has reformulated payments for some bilateral procedures
- New conflicts of interest create new challenges
- Q/A. One injection code or two?
- What does case-mix index mean to you?
- ED-to-inpatient transfers are flawed with safety gaps
- Searched