We may see an increase in incidents since we are in the holiday season so it’s important to remind users what security incidents are and how to report them.

Try posting something around the facility and sending an email that gives examples of security incidents:

  • Lost or Missing Paper PHI Records
  • Unauthorized Access to PHI or Systems
  • Warnings of a Virus or Ransomware
  • Interacting with a Phishing Email
  • Any Suspicious Activity or Persons
  • Violations of Security Policies

Along with the examples, include who they should contact to report incidents:

  • Security/Compliance Hotline
  • HIPAA Security Officer
  • IT Help Desk or Support

Constantly reminding users of threats and best practices will help your organization’s security posture! Many times, it’s human error that causes an incident like ransomware so education and training users is a needed step to reducing your organization’s risk.