Tim Meredith’s Post

We understand that the crazy wheel of medical practices never slows down! Practice managers are some of the busiest people on earth. But the only way I know to get ahead is to adjust the practice workflow! Dedicated to your liberty, safety, and digital health, Tim Meredith Tech Eagles P. S. --Dad Joke: "I get the club sandwich every day and I'm not even a member. I don't know how I get away with it."

Changes to technology do not automatically bring benefits. In fact, if there aren't any changes to workflow that capture the benefits, technology alone can be a real pain. It's not fair to pay for the extra expense and get nothing in return. Just as an example, some EHR platforms have an application program interface that links to the office Voice Over IP Phone system. When a call comes in, the EHR software pulls up the patient chart for the receptionist if the EHR system has the same number as the caller ID. When the receptionist takes the call, the patient chart is already on the screen. This is just one possibility. There are thousands. Dedicated to your liberty, safety, and digital health, Tim Meredith Tech Eagles

What if changing your workflow to adjust for new technology can increase the capacity of your practice and quality of your service? What if one change only increases capacity by 3%, but you make 5 changes, increase capacity by 15%, and now 17 employees can do the work of 20? What if one simple change can improve the patient perception of your practice? Dedicated to your liberty, safety, and digital health, Tim Meredith Tech Eagles

If you aren't fulfilling their requirements, your cyber insurance policy isn't covering your business risk exposure. I'm sure that cyber insurance policy gives you the feeling of being covered, but it's just a placebo effect. You're actually throwing money down the drain. Dedicated to your liberty, safety, and digital health, Tim Meredith Tech Eagles

Falsely claiming to meet the requirements for cyber insurance is easy when signing up for the policy. But cyber insurance companies aggressively look for ways to refuse payouts. You often must prove to the cyber insurance company that you are implementing the requirements. When you sign up for the policy you agree to an annual risk assessment by checking a box. When you file a claim, they will ask for a copy of that assessment. They will ask for a copy of your incident response plan and the scores of the security training you provided to your employees. The cyber insurance company may have an email specialist examine MFA and encryption. Dedicated to your liberty, safety, and digital health, Tim Meredith Tech Eagles

Look at your own cyber insurance policy and talk with your broker to find out the specific requirements for your policy. Cyber liability insurance has two parts: Your requirements and the cyber insurance coverage. First, you agree to reduce your business risk exposure. Second, the cyber insurance company agrees to cover the remaining business risk exposure. If you do not show evidence that you have implemented the cyber insurance requirements, you are not entitled to cyber insurance payouts in the event of an incident. Dedicated to your liberty, safety, and digital health, Tim Meredith Tech Eagles

Send this to your cyber insurance policy broker: "I am reviewing my cyber insurance policy and I need some help identifying what the policy requires my business to do. Can you send me a simple checklist that briefly states what is required of my company to reduce our risk exposure to cyberattacks?" If you don't hear anything back, congratulations! You have found an insurance salesperson that cares about your money but not your business. They can be hard to spot. Now it's time to look for another. Dedicated to your liberty, safety, and digital health, Tim Meredith Tech Eagles

The best way to reduce the chance of business email compromise is by mandating MFA on your email platform. Tell the administrator of your email platform that you would like to see a report showing the policy of MFA for the company and the status of MFA for every user. Tell everyone at the company that MFA is going to be mandated on [this date]. "To avoid any business disruption, please take a few minutes to enable MFA on your email account. Ask for help if needed." Then enforce it on the date you chose. After the date, review a new report showing the policy of MFA for the company and the status of MFA for every user. Dedicated to your liberty, safety, and digital health, Tim Meredith Tech Eagles

I have seen a lot of cyberattacks over the years. Most of them start with an email phishing ploy or business email compromise. Addressing these two vectors dramatically reduces your business risk exposure to cyberattacks. The best way to prepare for phishing attacks is employee training. Yes, you need a good spam filter, but some will always slip through no matter what. And don't blame Suzy in the billing department when she clicks on a link in an email. She doesn't stand a chance against the multibillion-dollar, international, hostile-state-led industry of cyberattacking. If you want her to not compromise your network and data, then you need to give her regular cyber training. Telling her just not to click on links is not enough. Dedicated to your liberty, safety, and digital health, Tim Meredith Tech Eagles