Software firm injects a little fun into serious business of data security
What was this person doing in our data center parking lot, looking around nervously and clicking on her smartphone? Was she just looking for directions or was she scoping out our building to launch a data hack? Although we try to take a light-hearted approach whenever possible, we take data security very seriously, and there was something very odd about this gal’s behavior.
Turns out, the makers of Pokémon Go had placed a “Poké Stop” next door to our data center and corporate headquarters, and this gal was tracking down a virtual critter. We promptly notified the game maker and requested they move the location away from our building.
As a software company that routinely handles protected health information (PHI), we closely follow the HIPAA and HITECH statutes and the related Code of Federal Regulations (CFR) provisions, and we use the Office of Inspector General’s stringent guidelines to determine the actions we need to take. The OIG guidelines deal with everything from the policies and procedures that should be in place to how to respond to potential privacy or security incidents.
The Office of Civil Rights recently began a second wave of healthcare audits and has been cracking down on companies that suffer data breaches because the financial impacts can be so great. According to the Ponemon Institute, a data breach costs more than $2.2 million for a healthcare organization and more than $1 million for a business associate.