Tips for Cyber Security in Your Veterinary Practice: PART II

With the risk of a cybersecurity breach increasing on a daily basis, below are some tips that will help a practice owner maintain the security that they need in order to protect safeguard data.

Plan for the Unexpected

Unless your confidential data is totally disconnected from the internet, you must install a firewall to protect against intrusions from outside sources.

Software firewalls, from somewhere like Indeni, are included with some popular operating systems, providing protection at the installation stage.

Alternatively, separate firewall software is widely available from computer security developers.

Large practices that use a Local Area Network (LAN) should consider a hardware firewall.

A hardware firewall sits between LAN and the Internet, providing centralized management of firewall settings.

Install and Maintain Anti-virus Software. There are different types of anti-virus software which can be downloaded at Eurodownload.com, should you be needing a new one.

Use an anti-virus product that provides continuously updated protection against viruses, malware, and other code that can attack your computers through web downloads, CDs, email, and flash drives. It may be worth getting in touch with an IT consulting company who would be able to help secure the network at the workplace and also put preventative measures in place to reduce the risk of cyber-attacks/viruses.

Keep anti-virus software up-to-date.

Most anti-virus software automatically generates reminders about these updates, and many are configurable to allow for automated updating. Also using things like Bester Virenschutz will ensure that you have the best anti-virus software available for your computer.

Stuart J. Oberman, Esq. handles a wide range of legal issues for the veterinary profession including employment law, cybersecurity, practice sales, real estate transactions, lease agreements, OSHA compliance, veterinary board complaints, and entity formation.

For questions or comments regarding this article please call (770) 554-1400 or visit www.obermanlaw.comIf you would like Stuart J. Oberman, Esq. to speak at an event, please contact Katharine Drum, Marketing Coordinator (kath@obermanlaw.com).

Tips for Cyber Security in Your Veterinary Practice: PART I

With the risk of a cyber-security breach increasing on a daily basis, below are some tips that will help a practice owner maintain the security that they need in order to protect patient information.

Use Strong Passwords and Change Them Regularly

Selecting Passwords

Choose a password that is not easily guessed. Below are some examples of strong password characteristics:

❒ At least eight characters in length (the longer the better).

❒ A combination of upper case and lower case letters, one number, and at least one special character, such as a punctuation mark.

Strong passwords should not include personal information, such as:

❒ Birthdate

❒ Names of self, family members, or pets

❒ Social Security Number

❒ Anything that is on your social networking sites or could otherwise be easily discovered by others.

Updating Passwords

Configure your systems so that passwords must be changed on a regular basis.

Resetting Passwords

To discourage staff from writing down their passwords, develop a password reset process to provide quick assistance in case of forgotten passwords. This process could involve:

❒ Allowing two different staff members to be authorized to reset passwords

❒ Selecting a product that has built-in password reset capabilities.

Limit Network Access

❒ Prohibit staff from installing software without prior approval.

❒ When a wireless router is used, set it up to operate only in encrypted mode.

❒ Prohibit casual network access by visitors.

❒ Check to make sure file sharing, instant messaging, and other peer-to-peer applications have not been installed without explicit review and approval.

Control Physical Access

❒ Limit the chances that devices (e.g., laptops, handhelds, desktops, servers, thumb drives, CCs, backup tapes) may be tampered with, lost, or stolen.

❒ Document and enforce policies limiting physical access to devices and information.

❒ Keep machines in locked rooms.

❒ Manage keys to facilities.

❒ Restrict removal of devices from a secure area.

 

 

 

Stuart J. Oberman, Esq. handles a wide range of legal issues for the veterinary profession including employment law, cyber security, practice sales, real estate transactions, lease agreements, OSHA compliance, veterinary board complaints, and entity formation.
For questions or comments regarding this article please call (770) 554-1400 or visit www.obermanlaw.com
If you would like Stuart J. Oberman, Esq. to speak at an event, please contact Katharine Drum, Marketing Coordinator (kath@obermanlaw.com).

Tips for Cyber Security in Your Chiropractic Practice

With the risk of a cyber-security breach increasing on a daily basis, below are some tips that will help a practice owner maintain the security that they need in order to protect patient information.

Establish a Security Culture

❒ Build a security-minded organizational culture so that good habits and practices become automatic.

❒ Conduct information security education and training frequently.

❒ A practice owner should be the security leader in the practice and set a good example in attitude and action.

❒ Instill taking responsibility for information security as one of your practice’s core values.

Protect Mobile Devices

❒ Ensure your mobile devices are equipped with strong authentication and access controls.

❒ Ensure laptops have password protection

❒ Enable password protection on handheld devices (if available). Take extra physical control precautions over the device if password protection is not provided.

❒ Protect wireless transmissions from intrusion.

❒ Do not transmit unencrypted Protected Health Information (PHI) across public networks (e.g., Internet, Wi-Fi).

❒ Where it is absolutely necessary to commit PHI to a mobile device or remove a device from a secure area, encrypt the data.

❒ Do not use mobile devices that cannot support encryption.

❒ Develop and enforce policies specifying the circumstances under which devices may be removed from the facility.

❒ Take extra care to prevent unauthorized view of the PHI displayed on a mobile device.\

 
Hopefully, this information will provide some simple security tips in order to prevent a violation and/or security breach which can devastate a practice.

 

iStock_000015498430Small
Stuart J. Oberman, Esq. handles a wide range of legal issues for the chiropractic profession, including: employment law, cyber security breaches, practice sales, real estate transactions, lease agreements, OSHA compliance, chiropractic board complaints, and professional corporations.

For questions or comments regarding this article  please call (770) 554-1400 or visit www.obermanlaw.com
If you would like Stuart J. Oberman, Esq. to speak at an event, please contact Katharine Drum, Marketing Coordinator (kath@obermanlaw.com).

What Every Business Owner Should Know About the Termination of Employees

Unfortunately, employee termination is often a necessary part of running a successful business. Recent statistics show that the federal government collected $350,000,000.00 in fines in one calendar year for employment law violations and that the average settlement payment to a disgruntled employee in a wrongful termination suit was $25,000.00.
Business owners should familiarize themselves with the applicable laws and consult an attorney prior to any employee termination. This will reduce exposure to time consuming and costly litigation and allow business owners to continue doing what they do best: running and managing their business. They can also get insurance to cover them in the instance that the issue is based on an honest mistake being made, for example this insurance information explains how some laws can be difficult to decipher, leading to employers making decisions based on misinformation.

Generally, employees without an employment contract are considered at will. Employees at will can be fired by an employer at any time, for any reason or for no reason at all with no resulting liability. Conversely, these “at will” employees are free to end their employment at any time and for any reason.
To prevent subjecting yourself and your business to litigation regarding an employee termination, it is crucial that employers accurately and objectively document each employees performance issue that arises in the course of the employment. Employers should keep a personnel file on every employee and maintain documents concerning employee issues, problems, and discipline.
The failure to property document employee issues, problems, and discipline may subject the owner of a business to unexpected liability.

 

 

iStock_000038374680XLarge_Resized

 

Stuart J. Oberman, Esq. handles a wide range of legal issues for the business community including business transitions, sales, real estate transactions, lease agreements, employment law and entity formation.
For questions or comments regarding this article please call (770) 554-1400 or visit www.obermanlaw.com
If you would like Stuart J. Oberman, Esq. to speak at an event to your organization, please contact Katharine Drum, Marketing Coordinator (kath@obermanlaw.com)

Cyber Breaches in Businesses – The New Frontier

Cyber security in a business is becoming more and more complicated. In fact, most businesses have little or no cyber security measures. This is why they should be considering bringing in IT support in Doncaster to help improve their computer systems and security.

Hackers like to target small businesses because they know that a small business owner typically does not have the resources for more sophisticated (and more expensive) security defenses. Sometimes it can be worth the time getting an it consulting firm to check the security, but what else can you do to keep safe?
How can a business owner secure patient data in a digital world?

1. Set up and enforce a strict computer and Internet use policy that restricts employees from reading and downloading personal email while using an office computer.

2. Hire an experienced IT company to set up a strict firewall on your office network. If your business uses wireless, have the IT company hide your wireless network from public view.

3. Train your employees on how viruses infect computers with common user habits such as forwarding personal email messages and downloading computer wallpapers.

4. Keep all anti-virus and anti-malware software updated along with computer operating systems.

5. Always create strong passwords of more than 8 characters that use mixed-case letters and include numbers and symbols.

6. Keep business and home computing separate. Don’t use a laptop at home for fun and then bring it into the office for use on the business network. Business computers should strictly be used for business.

With the proliferation of cyber breaches in businesses, data security is no longer an option.

iStock_000038374680XLarge_Resized

Stuart J. Oberman, Esq. handles a wide range of legal issues for the business community including business transitions, sales, real estate transactions, lease agreements, employment law and entity formation.
For questions or comments regarding this article please call (770) 554-1400 or visit www.obermanlaw.com

If you would like Stuart J. Oberman, Esq. to speak at an event, please contact Katharine Drum, Marketing Coordinator (kath@obermanlaw.com).

Sign up for our Newsletter!

What Qualifies as Extra Label Drug Use

Q: How do I know what qualifies as ELDU?

A: Specific criteria must be followed:

  • A valid VCPR is a prerequisite for all ELDU;
  • Only a veterinarian can determine that ELDU is needed and can administer, prescribe or dispense a medication extralabelly. The veterinarian must direct or supervise ELDU in an animal;
  • ELDU rules only apply to FDA-approved animal and human drugs;
  • ELDU is intended for prevention, treatment, and control purposes only when an animal’s health is threatened. ELDU of drugs for production use and/or in feed is not approved;
  • ELDU is not permitted if it results in an illegal food residue, or any residue which may present a risk to public health;
  • A veterinarian must not pursue use of certain FDA-prohibited drugs in food-producing animals.

ELDU of an FDA approved drug may be used if:

  • There is no approved animal drug that is labeled for such use, or that contains the same active ingredient in the required dosage form and concentration.
  • Alternatively, an approved animal drug for that species and condition exists, but a veterinarian finds, within the context of a VCPR, that the approved drug is clinically ineffective for its labeled use.

There are few restrictions on extralabel use in non-food-producing animals compared to food-producing animals. If the intended use is in a non-food-producing animal, then an approved human drug may be considered for extralabel use even when an approved animal drug for that species and condition exists. Economic reasons for ELDU of a human drug over the approved drug for that species are valid to treat the medical condition. Veterinarians should recognize, however, that human-labeled drugs are approved based on studies in people and their use in animals could vary. In addition, minor differences in the formulation may produce alterations in the pharmacokinetics and biological availability in the animal species compared to humans. Also keep in mind that consistent use of human-labeled drugs when approved animal-labeled drugs are available could create relative disincentives for the animal health industry to pursue new animal drug approvals and could further limit the availability of veterinary drugs.

The following additional conditions must be met for ELDU in food-producing animals:

  • Such use must be accomplished in accordance with an appropriate medical rationale; and
  • If scientific information on the human food safety aspect of the use of the drug in food producing animals is not available, the veterinarian must take appropriate measures to assure that the animal and its food products will not enter the human food supply.

If the veterinarian determines the food-producing animal needs a drug administered in an extralabel fashion, an approved animal drug must be considered for the particular use before a drug labeled for humans is considered. The prescribed or dispensed extralabel drug (prescription legend or over-the-counter) must bear labeling information which is adequate to assure the safe and proper use of the product.

Labor Law Update for Dentists

As of April 30, 2012, most private sector employers will be required to post a notice advising employees of their rights under the National Labor Relations Act. This requirement applies to a variety of entities with a gross annual volume of at least $250,000.00. The poster is available for free at https://www.nlrb.gov/poster or by calling (202) 273-0064.

In addition to the NLRA poster, the U.S. government requires the posting of these workplace posters: 1) Employee Polygraph Protection, 2) Equal Employment Opportunity, 3) Fair Labor Standards Act, 4) Job Safety and Health Protection, 5) Rights Under the Family and Medical Leave Act (for employers of 50 or more individuals), and 6) Uniformed Services Employment and Reemployment Rights Act. You can obtain them for free from the U.S. Department of Labor Web site www.dol.gov/compliance/topics/oster.htm.

Should you choose a friend to be your business partner?

Planning to start a business partnership with a friend? Prudence demands looking at the pitfalls – as well as the potential strengths – of such relationships. Here are a few questions to consider.

What will my friend contribute to the business? Does he or she have strengths that will clearly enhance the business – abilities, knowledge, or resources that you don’t possess or aren’t willing to acquire by other means? Say, for example, you are good with customer relations, but not too good with numbers. If your friend loves details and is clever with records, the partnership may make sense. If, on the other hand, your friend really can not offer something that would round out the business or make it more profitable, you might want to consider partnering with someone else. If your primary concern is where the bulk of your funding is going to come from to get you off the ground then you may want to check out the banking and financial services available to businesses from the likes of Atlantic Union Bank, seen here – https://www.atlanticunionbank.com/business.

Are you willing to lose the friendship? This is a tough question, but one that’s critical to consider. After all, you and your friend will be working together, day in and day out, to make the business succeed. Such relationships can bring out the best – and worst – in people. Most, if not all, business partners will disagree on things from time to time. These disputes can be minor or they can grow into much larger arguments, which could impact the company. If this does happen and the argument involves legal matters, it might be worth looking at contacting a business and commercial litigation attorney for entrepreneurs in Reno or somewhere more local to you. Disagreements are likely to happen, especially if both of you are passionate about the business. However, if maintaining your friendship is one of your highest priorities, partnering with someone else may be a better choice.

What’s expected from each partner? Developing a profitable business is hard and often unrewarding work. You and any potential business partner should honestly discuss expected work hours, contributions, and responsibilities. Resentment can creep into any business relationship when partners feel that workloads and rewards aren’t fairly distributed. As there will be a lot to do when starting a business, it is important to discuss what each business partner should be doing to try and benefit the business. Without a conversation about this, it can be unclear what each person is doing. A good example of something that could benefit the business is looking into marketing. If you haven’t already used it, SEO services can be particularly useful for startup businesses. Victorious, and other companies similar, can offer SEO services that can increase website traffic and hopefully increase your business growth. That could, potentially, ease some of the tension that may result from the business not progressing.

Can you communicate effectively? Like a good marriage, a long-term business partnership takes honest communication to succeed. Ask yourself, for example, whether you can handle constructive criticism from your friend/business partner. Even the closest business partners don’t always see eye to eye, so it’s important to take an honest look at how you both handle disagreements. Will you work through difficulties for the firm’s sake, or bury your head in the sand and hope for the best? Answering this question is crucial to the success of your partnership.

Protecting the Value of Your Practice:
 Non-Compete and Trade Secret Agreements

Practice owners are often concerned about how to best protect their patient base when an associate leaves the practice. There are two methods of preventing this type of devastation to a practice, which are: (1) non-compete agreements and (2) trade secret agreements.  Both of these types of agreements should be incorporated into an associate’s employment agreement.
Non-Compete Agreements
A non-compete agreement allows the owner of a practice to limit a former associate from starting his or her own practice as well as prohibit an associate from working for a competitor.  The owner of a practice should always consult with their attorney before entering into any type of non-compete agreement.
Trade Secrets
A trade secrets provision in an associate’s employment contract will also help protect confidential information of a practice.  A trade secrets provision should provide that all patients and their confidential information are trade secrets of the practice, and sanctions will be enforced against any associate or employee who attempts to use this confidential information for their own personal gain.
The owners of a practice must be familiar with non-compete and trade secrets agreements.  All associates should be required to sign a non-compete and a trade secrets agreement at the beginning of their employment.
Without a proper non-compete and trade secrets agreement, either prepared separately or incorporated into an associate’s contract, the owner of a practice has substantial financial risk.

Five Potential Legal Risks Associated with Groupon

With the explosion of social media and online marketing, members of the dental community must be aware of the risks associated with new marketing approaches. Moreover, with marketing services for dental practices soaring in popularity, it is crucial that dental industry professionals are aware of the legal side of promoting their products and services to a wider audience. Accordingly, while dental practices have successfully utilized the services of Groupon to attract new patients, there are growing concerns regarding this type of marketing. The American Dental Association has recently published its opinion on the Groupon issue. Before a dentist participates in a Groupon marketing campaign, they must be aware of potential ramifications.

1: Fee-Splitting
A dentist utilizing Groupon to offer discounts to new and current patients will split a portion of the revenue generated from the promotion with Groupon. Many states have regulations that prohibit fee splitting between a dentist and a third party. A violation of the state regulations could result in the dentist facing censure and reprimand, fines, suspension, and even license revocation.

2: Federal Anti-Kickback Statute
The federal anti-kickback statute, 42 U.S.C. § 1320a-7b(b) generally prohibits a dentist from offering or paying remuneration to induce a person to refer a patient that may be eligible for services under a federal health care program, including Medicare or Medicaid. A dentist violating federal law could be charged with a felony and subject to fines, imprisonment, and exclusion from federal health care programs.

3: Most Favored Nations Clause
The terms of a dentist’s contract with third party payors [insurance carriers] may pose problems with the offer and award of Groupon’s discounts to patients. Many insurance contracts provide that the dentist must provide the insurer with the best price that the dentist charges for a particular service (a “most favored nations” clause). Providing a discounted rate to Groupon customers may breach the most favored nation provision in an insurance contract. As a result, the dentist may be required to offer the same discount to the insurer’s patients.

4: ADA Ethical Rules
According to the American Dental Association Principles of Ethics and Code of Professional Conduct Section 4.E. Rebates and Split Fees, dentists “shall not accept or tender ‘rebates’ or ‘split fees'”.

5: Dental Boards
Most dental boards provide that a dentist “shall not give rebates or split fees with a referral source”.

Before a dentist enters into or makes a starts any type of marketing campaign (or social media campaign), they should seek legal advice as to the application of state and federal laws, the most favored nations clause, ADA Ethical rules and Dental Board rules. While the marketing of any dental practice is important, an ill-advised marketing campaign could result in a dentist being censured, reprimanded, fined, suspended, and lose their license.

1 2 3