Podcast Episode: HIPAA, Cybercrime & Human Error
Pairaphrase Founder & CTO Rick Woyde appeared on Podcast Detroit with Joe Dylewski, President & Owner of ATMP Solutions. In this podcast episode they talk critical components of HIPAA and how various types of cybercrime and human error can threaten healthcare data security, privacy and electronic data exchange.
Transcription (first 10 minutes)
You’re listening to the podcast Detroit Network visit www.PodcastDetroit.com for more information.
Hello again. This is Rick Woyde, CTO at Pairaphrase. And today my guest is Joe Dylewski with ATMP Solutions. Hi, Joe.
Thank you for joining me tonight. I really appreciate it.
Thanks for having me.
Tell us a little bit about yourself and your business, Joe.
Sure. I am an IT professional by trade. I’ve been in the IT business for approximately 30 years, doing a variety of things. Back in the days where Novell Blue and Redbox networks were part of the mainstream. And for the past 13 years, I’ve really focused my career on cybersecurity and really it started with a lot of the work that medical professionals were doing to convert a lot of their paper records to electronic and really started working with them and other companies who were handling sensitive information.
And really the focus of what I’ve been doing is more on the business risk side and teaching and educating people about how cybersecurity affects their business. So the ability to look at a business’s overall risk posture relative to the information that they store, process, transmit, and then help them put a plan in place to to remediate that. We tend not to get involved in a lot of the technical implementation. And at the end of the day, my goal is to educate people and teach them about what’s going on.
And also, from an educational standpoint, I have a bachelor’s degree in business administration and a master’s degree in mathematics. And so in addition to this, I’ve also taught at the college level in math. So teaching is what I really try to accomplish with all this.
Terrific. And if somebody wants to get a hold of you, how would they get a hold of you?
The best way to do it is our website, which is ATMPGroup.com. And from there there’s information about the company and a contact page to reach us.
Terrific. Thank you. So let’s let’s get right into it. And tonight or today, our topic is HIPAA. And full disclosure here, Joe’s firm is helping Pairaphrase with an audit right now, a compliance audit. And it’s been a very fascinating and educational and very valuable experience. But I think there’s a lot of mystery is what I would say around HIPAA.
So please tell us what exactly is HIPAA.
Sure. So HIPAA just recently passed its 24th birthday and you have to go back to ’96 to to kind of look at the roots of HIPAA. Basically, HIPAA was designed, believe it or not, to help reduce costs in healthcare. And the healthcare industry in general, sometimes people look at them and think that they kind of lag behind in technology implementation. And one of the problems that we had in healthcare back in the 90’s and before that was these organizations communicated by paper.
So if you put it in simplest terms, if you were to go to the doctor, they would record your insurance information and they would keep ledgers of all the procedures, all the diagnoses, and they would package that up and then send that to an insurance company through mail or courier, where the insurance company would then unpack it by paper. And that was very costly. The administrative overhead and all of that was very costly. So they had to come up with a standard to be able to take this information, make it electronic and be able to communicate between doctors, hospitals and insurance companies in electronic fashion.
Well, the problem was there was no real standard to do that. In addition to that, it brought up a whole lot of other implications around the privacy of that data. So once it became electronic, who could see it? The security of that data in its electronic form, what rules were in place to make sure that if a doctor, an insurance company had it, that they took care of it, that they were good stewards of that data.
So in the process of taking and implementing these methods of being able to take that information and move it places and share it places, they also took and implemented the whole idea of insurance portability, right. So when you look at HIPAA, HIPAA is actually the Health Insurance Portability and Accountability Act. So there were a number of titles in the whole HIPAA law that was passed in ’96 that dealt with things like being able to take your insurance from one company to another or being able to carry your insurance.
There were tax implications relative to that. But one of the big pieces was this whole idea of administrative simplification, so they agreed on information exchange rules, but they also agreed on things like the privacy and the security of that information once it was there. So that then really led to the propagation of those rules, not only to doctors, hospitals, health insurers and providers and so forth, but it also led to the further propagation of that into the supply chain.
So, for example, if I was a company providing services to an insurance company or a doctor, then I was really expected to live by the same set of rules that they were, because the data, whether it’s at a doctor’s office or it’s at a company providing services, it’s still equally important and has to be protected the same way. So over time, the HIPAA rule became more pervasive throughout a lot of different companies within the health care industry.
And when we think about it today, most individuals that think about HIPAA, they tend to go towards that form. They sign when they get to the doctor. Right. That’s our that’s our knowledge of HIPAA. But there’s as you’ve learned, there’s so much more behind the scenes that deal with some of the rules and guidelines that have to be followed to protect it. So that takes us up to where we are today. And in between ’96 and today, there have been a couple of different updates in additional guidance provided by Department of Health and Human Services.
But kind of encompassing all of that is really what’s gone on the last 24 years. But now with how much we hear on a daily basis about security breaches, all of the standards, HIPAA included, have gotten a lot more visibility and exposure, and they’re taking it much more seriously than they ever have. And that is ramped up over the years.
Well, I think cybersecurity today, especially during our current time of this pandemic, is more important than ever because I’m under the impression, it appears to me that cyber crime is just exploding right now.
There’s all kinds of fraud going on. There’s all kinds of phishing, which still remains a huge issue for everyone because it is so pervasive and the ones that are really good at it are really, really good at it. So how does HIPAA exactly keep you more secure?
Well, there’s within HIPAA I talked about that administrative simplification title, or rule. And within that administrative simplification, there are actually three sets of different rules.
One of them is called the security rule. And the security rule lays out a number of administrative, physical and technical safeguards that organizations have to follow. They have to be able to attest that, yes, I do this, yes, I do this. And for the layperson who might not know cybersecurity, there might be things within that rule that they never knew about.
Yeah, we all take it for granted. And we cross our fingers and hope that companies and websites and wherever we’re entering our personal information is safe.
And I’ll give you an example of something that really stands out. I could be a typical physician, right. A provider that’s running a practice. And I run on my electronic medical records software, but I also on my laptop have worksheets, spreadsheets with patient names. I may also have images of that patient. And not a lot of people realize this, but that is also protected health information. Okay, so I’m putting a lot of focus and attention on that medical record software, which might be up in the cloud wherever it’s located.
But I tend to lose sight of this information that’s sitting on my laptop. So to use your example of phishing, generally what phishing does is it’s targeting the potential for human error. Okay, because I get a phishing message, I click on a link, and it either imports some type of malicious code which can encrypt my workstation, i.e. ransomware, or it puts something on my workstation that can capture my credentials. And phishing is part of it. But the other is voice.
I mean, how many how many stories have we read about people, people I know who have gotten calls from Microsoft support. And they say, I need to get on your computer type this LogMeIn.com and they take remote control of your computer. But these are all exercises designed to exploit human error. And so I think a lot of HIPAA and I always say a lot of HIPAA is designed to prevent or really to add human fault tolerance to prevent human error.
Listen to the Full Podcast Episode
How to Translate a Google Doc Most Efficiently 
Want to translate Google Doc text? Learn why you should use Pairaphrase as your Google Docs translator.
Best English to Polish Document Translation Software 
Looking for English to Polish translation software, but not sure what features you need? Access this buying guide.
Translation Services 101: Your Guide to the Basics
Need translation services? First, learn the basics! This way, you can make an informed decision. Explore this guide to translation services.
Best Redokun Alternative for Enterprises (2023)
Want a secure enterprise alternative to Redokun? Learn why Pairaphrase is the best Redokun alternative for enterprises here »
Localization 101: Your Guide to the Basics
Curious about localization? Learn about localization vs translation, what it is, how it works, benefits & more in this guide to the basics!
Best Memsource Alternative for Enterprises (2023)
Want a secure enterprise alternative to Memsource? Learn why Pairaphrase is the best Memsource alternative for enterprises here »
How to Translate Entire Google Sheets (All Cells) 2023
Want to translate entire Google Sheets? Learn why you should use Pairaphrase as your Google Sheets translator.
How to Translate Entire Google Slides Presentation 
Want to translate Google Slides presentation text, notes & charts? Learn why you should use Pairaphrase as your Google Slides translator.
Fast Turnaround Translation: How to Get it
While fast translation turnaround and linguistic quality is a delicate balance, this post will tell you how to best use Pairaphrase to get fast translations.
Best English to Arabic Document Translation Software (2023)
Looking for English to Arabic translation software, but not sure what features you need? Access this buying guide.
Best OnlineDocTranslator.com Alternative (2023)
Considering an alternative to OnlineDocTranslator.com? Explore why Pairaphrase is the best OnlineDocTranslator.com alternative for enterprises.
How to Translate an IEP Document
Need to translate an IEP document? Learn how to translate IEP documents in the most efficient and secure way possible.
Machine Translation (MT): Your 2023 Guide to the Basics
Curious about Machine Translation (MT)? Learn about machine translation, how it works, benefits of machine translation & more.
How to Translate PDF Document Text to Another Language (2023)
Learn common issues involved with translating PDF documents and discover why Pairaphrase is the best PDF document translator.
How to Translate XML Files Online (2023)
Need to translate XML files online? Learn about the best features to use when translating XML files.
Best English to Italian Document Translation Software (2023)
Want the best English to Italian document translation software for business? Read about the 10 best English-Italian translator app features.
Learn all about terminology management in this comprehensive guide.
Smartling Alternative for Enterprises in 2023
Want a Smartling alternative? Explore 10 possible reasons you need one, and why Pairaphrase might be your best alternative.
How to Translate XLIFF Files Online Successfully (2023)
Need to translate XLIFF files online? Learn why Pairaphrase is the best way to translate an XLIFF file.
Best Japanese to English Document Translation Software (2023)
Looking for Japanese to English translation software, but not sure what features you need? Access this buying guide.
How to Translate SRT Files Effectively in 2023
Learn how to translate SRT files in 2022! Explore the reasons Pairaphrase is the best way to translate an SRT file effectively.
Best English to Japanese Document Translation Software (2023)
Looking for English to Japanese translation software, but not sure what features you need? Access this buying guide.
Brochure Translation Software Features to Look for
Need brochure translation? Look for these 10 top brochure translator features (before you buy).
Best Way to Translate Articulate Course Files
Need to translate Articulate course files? Learn why Pairaphrase is the best way to translate Articulate files (XLIFF 2.0).
Best Way to Translate Multiple Files Simultaneously Online
Need to translate multiple files simultaneously online? Learn why Pairaphrase is best for batch translation.
Using Pairaphrase Translation Software with Amazon Translate
Curious about translating with Amazon Translate (AWS)? Learn about using Amazon’s machine translation engine with Pairaphrase.
Best English to Hindi Document Translation Software (2023)
Looking for English to Hindi translation software, but not sure what features you need? Access this buying guide.
How to Translate Large Files with Ease
Need to translate large files? Learn about the best tools to use when translating large PDF’s, documents & more (10MB+).
Catalog Translation Software Features to Look for
Need catalog translation? Look for these 10 top catalog translator features (before you buy).
Best English to Vietnamese Document Translation Software (2023)
Looking for English to Vietnamese translation software, but not sure what features you need? Access this buying guide.
How to Create Effective Termbase Glossaries for Machine Translation
Need to create a termbase glossary? Get our top 5 tips for creating effective termbase glossaries for machine translation.
Best English to Korean Document Translation Software (2023)
Looking for English to Korean translation software, but not sure what features you need? Access this buying guide.
DeepL Alternative for Enterprises (2023)
Explore various DeepL drawbacks and user-specific needs you might identify with. This way, you can conclude whether alternatives to DeepL could fill these gaps.
Most Accurate Translator: How to Get it
While a 100% accurate translator does not yet exist, this post will tell you how to get the most accurate translator tailored to your company’s words and phrases.
Top 10 Translation Industry Trends in 2022
Explore 2022 translation industry trends! Learn about 10 translation industry trends 2022 will bring, according to our predictions »
Secure Transcription Software That Translates Languages
Need secure transcription software that translates languages? Learn what features to look for and how Pairaphrase will benefit you.
Best English to Portuguese Document Translation Software (2023)
Looking for English to Portuguese translation software, but not sure what features you need? Access this buying guide.
Translation KPIs for Translation Management Success
Establishing translation KPIs (Key Performance Indicators)? Here are the 5 Most Important KPIs for translation management success.
5 Things Pairaphrase Cannot Do For You
Pairaphrase is a powerful tool, but it is not a replacement for the human translation and post-editing review process. Read this before you buy.
Subscribe to our Blog
Get expert translation tips straight to your inbox, and get more from Pairaphrase. Subscribe to the Pairaphrase Blog today.