PCSOFT Blog

PCSOFT has been serving the Smeaton Grange area since 2005, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Does Artificial Intelligence Provide Artificial Hope?

Does Artificial Intelligence Provide Artificial Hope?

Typically, we use this space to talk about technology-related issues that have a positive impact on business, society, and individuals. Information technology has and will continue to transform the world we live in. One of the central topics of this giant IT transformation is artificial intelligence (AI) and where it fits into the paradigm of modernity.  Much has been made about the potential benefits of AI—and many of them are legitimate—but in today’s blog, we wanted to discuss the dark side of AI, and whether or not immediate regulation of the technology is a prudent decision.

0 Comments
Continue reading

Reporting is a Big Part of Modern Compliance

Reporting is a Big Part of Modern Compliance

Managing technology and procedures that maintain compliance with regulations might seem like a never-ending and problematic task. One of the best strategies is developing a reporting system to make this task manageable and even beneficial for a business' growth and sustainability. Reporting isn’t just about ticking boxes for regulators; it’s about creating a transparent, accountable, and efficient operation that can adapt to a business’ regulatory requirements.

0 Comments
Continue reading

How to Make Bad Passwords Better

How to Make Bad Passwords Better

Every time you log into an account, you have to enter a password. And we know exactly what you’re thinking: why? Good password hygiene is important, especially in high-profile environments like your business. Passwords play a crucial role in securing your network, so you should know how to build better passwords—if not for your own sake, then for your business.

0 Comments
Continue reading

Encryption is Critical to the Success of Any Business

Encryption is Critical to the Success of Any Business

In today’s world of flexible working environments and conditions, you want to be intentional with how you share and distribute access to your company’s data. You’ll need to ensure that you are not accidentally putting your data in harm’s way due to outdated and insecure data retrieval policies and procedures.

0 Comments
Continue reading

How to Ensure Your Business Remains HIPAA-Compliant

How to Ensure Your Business Remains HIPAA-Compliant

In 1996, the United States Congress passed the Health Insurance Portability and Accountability Act, better known as HIPAA, in an attempt to streamline the healthcare system while also maintaining individual privacy of individuals’ health records. This regulation allowed people to more effectively and securely transfer their health coverage without the risk of fraud or abuse of health records. As you can imagine, your technology plays a significant role in making this happen.

0 Comments
Continue reading

Cloud Regulation Might Be On the Horizon

Cloud Regulation Might Be On the Horizon

Many companies, individuals, and organizations have sought to get the most value out of cloud computing, making it an industry that also requires a certain level of regulation. With its increasing integration into our daily lives, it’s no small wonder that there is a greater effort to control certain aspects of it. Here is what you can expect from cloud regulation in the near future.

0 Comments
Continue reading

Ensuring Your Organization Meets Compliance Standards

Ensuring Your Organization Meets Compliance Standards

Protecting your clients’ and employees’ personal and financial data has to be a consideration for every single business. Not only do you have a responsibility to protect this data, you also may have to do so to remain in compliance with regulations mandated by governments, industry organizations, and even your own business. With data privacy becoming a growing concern, we thought it would be useful to discuss the basics of compliance a bit in this month’s newsletter. 

0 Comments
Continue reading

What is Compliance Reporting?

What is Compliance Reporting?

There are numerous industries that, in one way or another, deal with sensitive data on the regular. In order to protect this data, numerous laws, regulations, and other requirements have been put on the books that require businesses to maintain—as well as prove—their compliance to them.

Today, we wanted to focus on how a business would prove their compliance, so we’re going to dive into the subject of compliance reporting.

0 Comments
Continue reading

Big Tech Antitrust Bills to Have an Effect

Big Tech Antitrust Bills to Have an Effect

Recently five bipartisan bills are being considered in the United States House of Representatives that intend to add additional oversight on the power of modern tech giants. Let’s take a look at these bills and why they are deemed necessary by many lawmakers. 

0 Comments
Continue reading

Why Online Speech Isn’t (Usually) a Free Speech Issue

Why Online Speech Isn’t (Usually) a Free Speech Issue

It is undeniable that technology has become ingrained into our workplaces, and perhaps even more so into our daily lives—particularly considering the events of the past few years. This is likely why it is so surprising when a large tech company bans a user for some activity on their platform.

With all that is happening today, this surprise has largely turned into outrage over whether or not these companies can really ban people over what they share on the platform. Let’s go over the situation to try and glean from it some answers.

0 Comments
Continue reading

Are Healthcare Providers Meeting HITECH Standards?

Are Healthcare Providers Meeting HITECH Standards?

Compliance can be difficult for some businesses. They might know that it’s a necessity--and may even know what they have to do--but they just have trouble implementing practices that are designed to guarantee the meet their regulatory responsibilities. HIPAA and HITECH compliance laws in particular are difficult to navigate, and the results of failing to adhere to them can be dire.


Just a few years ago in 2016, the Office for Civil Rights (OCR) and the Department of Health investigated data breaches; the results of this investigation led to identifying several violations of these laws. A total of 12 settlements were the results of this investigation, as well as one civil penalty, that amounted to claims of approximately $25,505,300 in fines.

The numbers in 2017 are slightly more optimistic. This past year, there were only nine HIPAA settlements and a single monetary civil penalty paid totaling $19,393,000 in fines. While it’s clear that something is working, it’s not clear what exactly is or isn’t, but we know one thing for sure. Businesses don’t want to pay money for failing to adhere to compliance laws, but this doesn’t stop everyone from meeting their requirements.

The types of violations that led to these penalties aren’t particularly varied. Most of them stemmed from a failure to protect protected health information, or PHI, but there are a couple that come from different reasons. Here are a few other reasons:

  • Insufficient ePHI access control
  • Impermissible disclosure of ePHI
  • Careless handling of PHI
  • Multiple HIPAA violations
  • Delayed breach notifications
  • Lack of security management process
  • Lack of a business associate agreement

Another notable trend can also be seen in the failure of organizations to secure their mobile devices in a way which complies with HIPAA and HITECH. Furthermore, there is also a failure to implement proper security processes and delaying notification of breaches at the heart of these fines.

Recently, a well-publicized lawsuit was filed in federal court against 60 Indian hospitals over a failure to adhere to the HITECH Act. These hospitals had allegedly failed to provide records and documentation for as many as 50% of their patients within three business days of the request. As one of the requirements of receiving funding from the HITECH Act, this is a big issue for hospitals.

As a result of these failures, these hospitals face charges of well over $1 billion for failing to provide healthcare documents when asked to produce them. They obtained $324 million through the HITECH Act, but failed to adhere to its laws. Additionally, the hospitals violated the Anti-Kickback Statute and the False Claims Act for claiming falsely that they met the requirements of the HITECH legislature.

While it’s true that not all businesses need to consider healthcare compliance, it’s more likely than not that your organization works with some sort of sensitive information that is subject to compliance laws. To find out now if your organization is in trouble with compliance laws, reach out to us at 02 98730080.

0 Comments
Continue reading

Data Loss Can (and Will!) Affect Your Entire Business

Data Loss Can (and Will!) Affect Your Entire Business

Data loss, on any scale, is an organizational nightmare. Not only do you have to restore data, any lost productivity that comes as a result of the data loss incident makes it difficult on the budget. That’s only scratching of the surface of how serious data loss can be.

1 Comment
Continue reading

At Up to a $50K Fine Per Violation, You Can’t Afford Not to Be Compliant

At Up to a $50K Fine Per Violation, You Can’t Afford Not to Be Compliant

Technology is being deployed to help businesses of all kinds, including medical offices and other health-related facilities. By taking advantage of electronic medical records (EMR), organizations are capable of better managing their files in previously unprecedented ways. Unfortunately, even by eliminating the majority of physical records, this presents another problem that comes from digital environments: hackers and regulatory compliance laws.


Offices that fail to adapt to these changes in specific industries could be the target of compliance fines, which are more than capable of breaking budgets and hindering growth. If your office doesn’t take measures to ensure that all regulatory compliance laws are adhered to, your organization could be subject to fines that range anywhere between $100 and $50,000 per record. Your business literally cannot afford to pay for something that’s entirely preventable.

To help your business ensure compliance with regulatory laws like HIPAA, HITECH, and PCI, we’re going to go over them in detail and tell you what you need to know.

HIPAA
HIPAA, or the Health Insurance Portability and Accountability Act of 1996, is a series of compliance regulations used to enforce the privacy of electronic medical records. HIPAA covers the medical staff, patients, and employees of all healthcare-related organizations, including health insurance providers. To put it in layman’s terms, HIPAA gives patients the right to know how their electronic medical records are stored and used, and to make sure that health records and financial information are being stored according to HIPAA’s security specifications.

HITECH
The Health Information Technology for Economic and Clinical Health Act was part of a 2009 initiative to encourage medical practices to adopt new technology solutions that can improve their operations. HITECH looks at part of how HIPAA handles user privacy, stating that organizations covered by HIPAA need to report data breaches of 500+ affected users to the United States Department of Health and Human Services, the media, and to those who were affected. Additionally, HITECH alters the way that organizations handle the disclosure of electronic medical records, and how this information can be used throughout the caregiving process.

PCI DSS
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards that are required to be met before an organization can implement major card-scanning technology systems. This is especially important, as credit card information is one of the most targeted pieces of data that a hacker will try to get their hands on. It doesn’t matter which industry you fall into; if you accept credit or debit card payments, you need to be PCI compliant. Some examples of required protocol include maintaining a firewall that protects cardholder data, restricting access to card numbers on a “need-to-know” basis, and tracking and monitoring network resources, including what accesses cardholder data.

Understanding compliance regulation isn’t something that comes naturally for everyone, but we want to help you better decipher laws that your organization might be subject to. For more information about HIPAA, HITECH, or PCI, give us a call at 02 98730080.

1 Comment
Continue reading

Cloud Computing Isn’t 100% Perfect, Be Sure to Account For These 3 Risks

b2ap3_thumbnail_more_security_400.jpgOrganizations are taking to the skies with cloud computing solutions in the workplace, and it’s proving to be a valuable investment. However, such unprecedented growth doesn’t come without its fair share of risks. How does the cloud affect your business’s ability to function without unknowingly compromising your data infrastructure, or risking heavy downtime?

0 Comments
Continue reading

Contact Us

Learn more about what PCSOFT can do for your business.

PCSOFT
Suite 2.07, 3 Fordham Way
Oran Park, NSW 2570