Giva Blog
Help Desk, Customer Service, Cloud & Security Insights, with a Side of Altruism!

Are You HIPAA Compliant? - Healthcare Information Safety

A recent report from the Washington Post offered some sobering news about the safety of information in the healthcare industry. According to the United States Department of Health and Human Services (HHS) 3.6 million patient records have been stolen from health firms via hackers since 2009. This statistic does not include the most recent hacking of Community Health Systems which lost 4.5 million records to a group of Chinese hackers earlier this year. Large data breaches are not the only concern. In 2012, HHS received 21,194 reports of small data breaches from healthcare companies.

Healthcare companies should be wary. According to a 2013 study conducted by the Healthcare Information and Management Systems Society only 69% of health security professionals said their company had established a data breach plan. The organization concluded that the healthcare industry has only reached an "average level of maturity" on security issues. This statement should be concerning to healthcare companies. Strict regulations in the Health Insurance Portability and Accountability Act (HIPAA) and further provisions tied to the 2009 stimulus require healthcare companies to comply with firm security measures. Companies that fail to comply with these measures and are subject to a data breach face many severe consequences. Large financial penalties are in place and companies often suffer backlash.

Fortunately, Giva makes HIPAA compliance very easy for our customers. The data center, hardware and software infrastructure of Giva's cloud help desk & customer service software meet the very strict HIPAA compliance regulations. For more information visit 7 Key Elements of Giva's HIPAA-Compliant Cloud Help Desk Software for Electronic Health & Medical Records.

Are You HIPAA Compliant?

Earlier this year medical records of 4.5 million patients were stolen from Community Health Systems (CHS) by a sophisticated group of Chinese hackers. According to the Washington Post the names, birth dates, telephone numbers, and social security numbers of patients were copied and transferred from the company's systems. This information has been protected under the Health Insurance Portability and Accountability Act (HIPPA) for the last decade. As required by federal law CHS notified all impacted patients and provided them with free identity theft services. The company’s liability insurance was expected to absorb the major financial impacts of the data breach. Their mandated Security and Exchange Commission Filing stating the consequences of the breach was published on August 18 and can be found here.The Health Insurance Portability and Accountability Act requires all companies contributing to healthcare services to protect patient’s personal health records with strict security and data encryption measures. Companies that suffer a data breach due to relaxed security measures can be found in violation of federal law. Penalties are strict. Significant fines that can jeopardize a company's financial standing and reputation are charged per incident. According to the FBI, the digitization of medical records has encouraged hackers to increasingly target healthcare companies. Strong security measures that align with strict HIPAA regulations are now required of all healthcare providers.

Fortunately, Giva makes HIPAA compliance very easy for our customers. The data center, hardware and software infrastructure of Giva's cloud help desk & customer service software meet the very strict HIPAA compliance regulations. Click on: 7 Key Elements of Giva's HIPAA-Compliant Cloud Help Desk Software for Electronic Health & Medical Records.

Sustainability Indexes

Companies are increasingly recognizing the benefits of strong corporate citizenship. As investors have become more attuned to the necessity of sustainable business practices there has been a growing demand for indexes and rankings that highlight global firms with strong sustainability records. In particular, three indexes provide an interesting look at how corporate responsibility is quantified and what non-financial characteristics are important in firms.

Corporate Knights is a Toronto-based media and investment advisory company that works with Solactive, a German index provider, to produce an annual list of the most socially responsible companies in each sector of the global economy. Termed the Global 100, the list scores companies on a series of indicators based on how they rank against their global industry peers. Indicators range from energy and water productivity to tax structure and employee safety and are specific to a company’s industry. To qualify for the list companies must be transparent, disclosing their current business practices to the public. The end result is a comprehensive list that details the top performing companies in each industry. Most recently Westpac Banking Corporation of Australia topped the list. They were the first Australian Bank to join the Australian Government’s Greenhouse Challenge Plus and were the first bank in Australia to create a matching donor program for their employees.

The Dow Jones Sustainability Indices is based on a similar belief in corporate responsibility. As factors such as resource scarcity and demographic shifts become more important in the business community, businesses that are operated sustainably will increasingly be able to capitalize on their value. A partnership with RobecoSAM has led to the creation of the Corporate Sustainability Assessment. This assessment is based on a questionnaire sent to the world’s 2,500 largest companies. It is looking for a company’s awareness of and the steps it has taken to address various economic, environmental, and social concerns. Social concerns include standards for suppliers, corporate citizenship and philanthropy, and labor practices. By addressing sustainability issues a company is seen as insuring its long-term vitality.

The last index series is compiled by the FTSE Group, a subsidiary of the London Stock Exchange. Termed the FTSE4Good Index Series it evaluates companies on a variety of sustainability issues. Strong Corporate Social Responsibility (CSR) practices are seen as a means of mitigating risk and an indication of sound management. The FTSE Group looks into a company’s environmental sustainability and supply chain labor standards as well as other areas of interest. This analysis helps determine the most sustainable businesses.

Although these indexes are primarily a means of evaluating investments they provide essential insights into the area of corporate responsibility. Each is further evidence that supporting communities rather than harming them is a vital business practice. They are further evidence of the evolving landscape of CSR. It is now increasingly seen as a means of reinforcing a brand, building loyalty, and ensuring that one’s business is appropriately situated to address societal challenges.

Creating a Culture of Corporate Social Responsibility (CSR) in Your Company

When thinking of how to create a corporate social responsibility (CSR) culture inside of your company it is important to think about both the values of your company and also what CSR involves. In a general sense, CSR includes the parts of your business that do not have to deal with finance. Alexander Garrett of Management Today describes it as, “ethics; interactions with people inside and outside your company; and how you affect the planet” (Garrett, 1) in his article Crash Course in...Creating a CSR Strategy.

In terms of values, the social work that is done cannot go against what your company believes in. People will see right through your CSR report and begin to distrust your company; this means all of your consumers walk away. In a study done by Shital Jhunjhunwala, Assistant Professor of Finance, Institute of Public Enterprise, entitled Intertwining CSR with Strategy- the way ahead, there were social implications which claimed, “business cannot survive without society’s acquiescence nor succeed without its active support” (Jhunjhunwala, 1). For example, within a tech company, it isn’t wise to claim to love being green and being energy efficient if the products that are being sold use far more energy than other products on the market. This would demonstrate that not only do you not care about the planet, but you also think consumers lack the intelligence to find out that you are lying to them, not the best plan in any scenario.

Furthermore, while CSR initiatives have to start from the top-down, because nothing will be sustainable if the board is not supporting CSR efforts, employees have to also believe in the mission that is being encouraged. If the board decides that they want their employees to get a specific number of hours of volunteer work, ask the employees what they are interested in. If people are more interested in animals, begin a puppy and kitten initiative where they are able to support and volunteer with animal shelters; if they want to help the poor, create initiatives where they are volunteering at a food bank or building homes.

According to Garrett, these initiatives should not only come from employees but also customers and investors. It is important to know what people want from your company (Garrett, 1). One of the ways to do this is to be open with everyone, to never provoke sentiments that your company is untrustworthy. There are many ways to do this such as the use of social media. One of the methods that Garrett suggests is to give clear pieces of your CSR message but then also have ways for the public to see the full scale of all that you are doing. This could be a link online that leads to a full report of the initiatives that your business is taking. Along with being trustworthy comes accepting that the company is not perfect. It could be that the company never recycles and they serve every meal in Styrofoam. The important thing is also explaining how those behaviors are going to change. Let everyone know how you will do better but that it will take time and then explain to them your time frame for meeting different target goals (1).

Is this a step by step tutorial on how to make a perfect CSR culture? No. Every company is different and they will have to start small and find out what works best for their company, one does not simply know the best strategy for a CSR culture right away. This is just where to start, to find out how a CSR culture can work for both the company and society. The right CSR culture will do both and add value and sustainability to a corporation.

 

Newer Entires     1   ...   18   19   20   21   22   23