Security
If I am wondering if a hyperlink sent to me via email is legitimate, I should:
a. Click it and see what happens
b. Send it to my supervisor
c. Meditate
d. Hover over it with your mouse, and do not click
What is, d. Hover over it with your mouse, and do not click
To prevent a Ransomware attack, stay alert and do not opening suspicious emails or click on unknown links. Take the phishing training.
Think before you act. Aside from any training a staff may have received, think about the email you received. Does it look suspicious? Do you recognize the sender? Are they asking for any information? Before you click to open this email, think about these questions and if something seems off just a little bit, do not open. Report it to our CISO and/or ask your supervisor if it’s safe.
How can I run a meeting an get a transcript of the discussion sent to me afterwords?
a. Ask your friend to take notes
b. Try to type and facilitate at the same time
c. Turn on recording on your TEAMS meeting and the video uploaded to STREAM will automatically contain complete transcript.
d. Call All Covered
c. What is turn on recording on your TEAMS meeting and the video uploaded to STREAM will automatically contain complete transcript.
The EMR we use now was bought in...
a. 2001
b. 1971
c. 2006
d. 2009
e. 2004
c. 2006
Do computer/Windows updates impact EMR use and when should updates be accepted?
YES! Sometimes updates can come up while you are working on your computer and you may ignore it at the time. It is very important to keep your software updated to make sure your computer and all the information stored on it is safe.
Active X updates, for example, are required to view reports in EMR. Staying current on the latest IE release is also important to ensure the latest security patches are installed. Certain features of EMR and MFA do not work on older versions of IE as well.
It is important to keep your computer updated with latest patches and updates because...
Patches often contain important updates to prevent hackers from getting in.
This also applies to our EMR, our phones, and our phone apps.
If you need to lock your computer quickly, you can...
a. Run while shutting it down
b. Do a hard reset
c. Press Windows logo key + L
d. Shut off your monitor
c. Press Windows logo key + L
Help keep your PC safe. Press Windows logo key + L before you walk away from it.
More here: https://www.microsoft.com/en-us/tips/home/protect-your-pc#lockpc
The best MS application tool to share a video for staff is....
Microsoft Stream https://web.microsoftstream.com/
This WiFi connection is best for off-site EMR use.
What is built-in Verizon LTE or SBHG MiFi
The EMR system should not be accessed on public networks (Coffee Shops, Parks, airports, etc.)
These are the internet browsers that our EMR is currently safe to access with...
What is IE and Chrome*.
*NX (a new interface for EMR, but using the same database) will eventually be rolled out to all staff allowing for Chrome access. Staff do not yet access EMR via Chrome.
If you need to schedule a large meeting, and find the best time to meet with a larger group of participants even if some of them are external, who or what can help with this?
Outlook has a free add on called https://findtime.microsoft.com/
If you observe or hear about a work related security incident you should...
a. Call Elon Musk
b. Call 911
c. Place an EMR Ticket
d. Call All Covered
e. Reach out to the IT Security Department by sending an email to CISO
e. Reach out to the IT Security Department with details of your information security question, concern or incident involving company computer or network. Send an email to CISO .
You are looking for an email that was sent to you but you did not receive it. What should you do?
a. Read all your emails again
b. Search the company email Quarantine
c. You may not have really gotten the email. Don't stress.
d. Call all your co-workers and ask them to resend any email sent to you in the last 5 business days.
b. Search the company email Quarantine and release the message as needed
If you lose your cell phone, you should...
Call your phone carrier to deactivate your old phone and let IT/All Covered know immediately to change your MFA authentication account.
Thoughts?
How you log off of EMR correctly and securely.
What is clicking the red circle in the right upper-hand corner of the EMR session and logging out, then closing your IE browser window.
If there is an internet outage and staff need to use EMR, staff should:
a. Go to Starbucks
b. Call All Covered
c. Start using paper
d. Call Verizon
b. Call All Covered
The best place to store your network/email/EMR/bit-locker password is...
What is in your head?
Avoid writing down PHI/HIPAA sensitive information on paper/notepads. Notepads/Notebooks are not password protected, hence, puts information at risk.
If you want to add an new add-on App like Boomerang to Outlook, you should...
a. Never do that
b. Try it out and see if it is compatible with our GPO settings.
c. Email CISO to ask and make sure the app is safe and HIPAA compliant
c. Email CISO to ask and make sure the app is safe and HIPAA compliant
If you want to know the official policy for computer use, you should...
Go to SharePoint, Polices and Procedures, and search for computer use policy.
If staff find out someone logged into EMR as them, they should:
a. Run and Hide
b. Tell their Supervisor
c. Email CISO
d. Call All Covered
e. B and C
f. All of the above
B & C- Email CISO and Tell their Supervisor
Note: Do we need a policy for situation?
The best place to write your password on your laptop is...
Nowhere!
Encryption at rest means...
a. When you turn it off it is encrypted
b. When you are sleeping, you can't get hacked
c. Encryption of date on a storage medium
d. When people relax about having all laptops and PCs encrypted.
c. Encryption of date on a storage medium. Encryption at rest protects your data wherever you’ve stored it, whether that’s on your hard drive or in the cloud. For instance, if an employee’s laptop is lost or stolen, whoever gains possession of that laptop can access the data by booting through a thumb drive, even if they don’t know the login password. But, if the hard drive has been encrypted, then all that data just looks like a long string of nonsense words.
If you are helping a staff member and see that their personal computer they use for work and EMR is using Windows XP, you should...
a. Convince them to buy a new computer
b. Nothing, this does not mean it is not safe
c. Email their administrator
d. Email CISO
d. Email CISO
There currently this many Counties we do business with that are billing electronically and accept 837 claim files generated from our EMR...
a. 0
b. 1
c. 2
d. 3
e. 4
b. 1
The HIPAA "privacy rule" relates to:
a. EMR
b. Paper charts
c. Text messages and emails
d. USB drives
e. All of the above
The Privacy Rule protects all "individually identifiable health information" held or transmitted by a covered entity or its business associate, in any form or media, whether electronic, paper, or oral. The Privacy Rule calls this information "protected health information (PHI). The Privacy Rule standards address the use and disclosure of individuals’ health information—called “protected health information” by organizations subject to the Privacy Rule — called “covered entities,” as well as standards for individuals' privacy rights to understand and control how their health information is used. Within HHS, the Office for Civil Rights (“OCR”) has responsibility for implementing and enforcing the Privacy Rule with respect to voluntary compliance activities and civil money penalties.
If staff report that they lost their computer to you, you should...
Email CISO