Solutions
-
Learning & Performance
Learning & Performance
-
Learning Management
Learning Management
HealthStream offers performance learning management solutions to help develop your healthcare staff into leaders and reduce turnover.
View All ProductsProducts
-
Video Learning
Video Learning
HealthStream works with healthcare organizations to create engaging and high-quality training videos for your staff and management.
View All ProductsProducts
-
Reporting & Analytics
Reporting & Analytics
Improve care quality and save money by making informed decisions about your healthcare facility and staff with HealthStream's reporting analytics solution.
View All ProductsProducts
-
Performance & Engagement
Performance & Engagement
HealthStream's proven methods for the improvement and overall engagement of your healthcare staff foster a positive workplace and increase retention rates.
View All ProductsProducts
-
Learning Management
-
Quality & Compliance
Quality & Compliance
-
Compliance Solutions
Compliance Solutions
Be confident in your staff’s ability to reduce risk by providing compliance training that changes behavior.
View All ProductsProducts
-
Quality & Safety
Quality & Safety
Develop next-level people for next-level care by prioritizing quality and safety improvements.
View All ProductsProducts
-
Policy Management
Policy Management
Standardize policy and procedure management with an automated, customized, and centralized system.
View All ProductsProducts
-
Culture & Leadership
Culture & Leadership
Establish a culture of belonging with education supporting DEI, wellness, engagement, and leadership development.
View All ProductsProducts
-
Medical Product Training
Medical Product Training
Deliver custom or industry designed product training directly to patient and resident care environments to reinforce proper use.
View All Products
-
Compliance Solutions
-
Reimbursement
Revenue Cycle Education
Streamline the revenue cycle management process and protect your bottom line with expert-backed education.
View All ProductsProducts
-
Resuscitation
Resuscitation
-
Clinical Deterioration
Clinical Deterioration
In all areas of resuscitation, from neonatal to elderly care, clinical deterioration is a risk that can be avoided with the help of HealthStream's training programs.
View All ProductsProducts
-
Resuscitation Solutions
Resuscitation Solutions
Nurture the skills of your nurses and medical staff to help mold them into effective leaders with development training from HealthStream.
View All ProductsProducts
-
Clinical Deterioration
-
Clinical Development
Clinical Development
-
Competency
Competency
Make sure your clinicians have the support they need to provide competent care with clinical competency training and development from HealthStream.
View All ProductsProducts
-
Clinical Quality
Clinical Quality
HealthStream’s learning management system and comprehensive suite of competency management tools empower your healthcare workforce to deliver the best patient care.
View All ProductsProducts
-
Onboarding & Placement
Onboarding & Placement
The suite of healthcare onboarding solutions available from HealthStream aids in nurse retention and improved patient outcomes.
View All ProductsProducts
-
Skills & Decision Support
Skills & Decision Support
Give your healthcare staff the decision support and skills training they need with the online products available from HealthStream.
View All ProductsProducts
-
Professional Development
Professional Development
HealthStream leverages medical professional development in healthcare by providing staff training programs
View All ProductsProducts
-
Acute Care
Acute Care
Create engaging and impactful learning experiences that meet the unique needs of your acute care staff.
View All Products -
Competency Development and Placement
Competency Development and Placement
Unlocking the full potential of clinicians goes beyond aspiration – it’s a commitment we embody. Our competency development solutions help personalize learning for every clinician so you can confidently bridge the gap between theory and practice for your nurse residents while meeting the unique development needs of your seasoned clinician.
View All Products
-
Competency
-
Scheduling
Nurse & Staff Scheduling
Healthcare workforce management is essential. We provide advanced scheduling solutions for organizations to solve issues such as nurse retention
View All ProductsProducts
-
Credentialing
Credentialing
- Provider Credentialing
-
Network Credentialing
Network Credentialing
Tackle all the challenges of provider directory management within a health plan with a single solution tailored to your specific needs.
View All Products -
HealthStream CVO
HealthStream CVO
Our affordable CVO credentialing services establish patient safety by enabling primary source verification for your healthcare organization.
View All ProductsProducts
-
Provider Experience
Provider Experience
Finally, a comprehensive resource to support collecting, storing, and sharing credentialing data with ease.
View All Products -
Provider Validate
Provider Validate
Integrate with Epic to validate and add new providers directly to your provider master file.
View All ProductsProducts
- Industry Rep Credentialing
Solutions powered by ![]()
Learn More.
.png?sfvrsn=3028f62b_0)
Quality Manager formerly known as abaqis®
Mitigate risk and elevate your quality of care. Improving both clinical and business outcomes starts with a smarter, more integrated approach to regulatory training, continuing education and quality management.
Learn MoreApril 1, 2021
April 1, 2021
By Jennifer Stoop, Associate Product Manager, HealthStream
One per day. This was the average number of breach incidents in 2016. Last year, the Department of Health and Human Services (HHS) set a new record for HIPAA enforcement. Over $20 million in fines for HIPAA violations were collected from 15 enforcement actions that had associated monetary penalties. Fines per entity have also increased significantly, from $85,000 in recent years to $2 million in 2016. Topping the list of reasons for HIPAA enforcement actions was stolen unencrypted portable devices containing PHI and inadequate Business Associate Agreements.
Ransomware also plagues the healthcare industry, so much so that in August 2016 the Office for Civil Rights (OCR) released guidance that all ransomware attacks should be considered a breach. Ransomware is a type of malware that locks computer systems to prevent the access of data until a ransom is paid, often in Bitcoin. The statistics are alarming. From April 2015 to April 2016, more than half of the nation's hospitals were hit by ransomware. Twenty-seven million records were stolen in 450 reported data breaches, 26.8 percent of which were caused by ransomware, hacking or malware.
There are more than 4,000 ransomware attacks daily, and healthcare is the largest target. Why is that? For starters, hospitals maintain patient data, such as Social Security numbers, home addresses, bank account information, and medical information, all of which are highly valuable to hackers. Hospitals also don't typically focus on security awareness, making them an easy target. Most recently, the ransomware "WannaCry" infected more than 200,000 computers across 150 countries, including the healthcare industry. Ambulances had to be rerouted, patients were treated without their medical records, and treatments for some had to be delayed. Ransomware has turned cybersecurity into a life or death issue.
So far this year, we are seeing a shift in the cause of breach incidents. According to the Protenus Breach Barometer, hacking was the number one cause of breach incidents in January 2017. Then there was a shift in February and March, when we saw insiders responsible for the majority of the breaches—58 percent in February and 44 percent in March.
According to a recent MediaPRO survey, only 28 percent of healthcare employees demonstrated the privacy and security awareness to prevent incidents that could lead to a breach. Of the 850 healthcare employees surveyed, 72 percent were a security risk or novice, demonstrating a clear need for better training.
What can you do to mitigate your risk of a breach and keep your organization's name out of the headlines?
- Perform a security risk assessment. Utilize the results to take action and implement measures that will protect your organization.
- Audit your policies and procedures. These need to constantly evolve based on regulatory changes, results of your own self audits, and any incidents that may have occurred.
- Check your Business Associate Agreements (BAAs) and make sure they're up to snuff. Don't share patient information without a signed BAA in place.
- Start reviewing resolution agreements from organizations who have had a breach, especially if they were issued a Corrective Action Plan (CAP) by the OIG. There are lessons to be learned within these agreements, including what caused the organization's breach and what they need to do to resolve it. You can find them here: https://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/agreements/.
- Training, training, training. An effective compliance training program that resonates with employees and changes their behavior is key to preventing breach incidents. "Check-the-box training" isn't enough. You should include security awareness training to help protect your facility from ransomware and other cybersecurity threats.
This year is shaping up to be bigger than 2016 in terms of enforcement actions and penalties. In the first two months of 2017 alone, fines were more than half of what they were for the entire year of 2016. There have been four enforcement actions with penalties totaling more than $11 million. In April, we saw three settlements in just a two week period, ranging from $31,000 for a small physician practice to $2.5 million for a wireless health services provider. With on-site audits expected to pick up when desk audits are completed, and ransomware attacks expected to increase this year, healthcare organizations need to be vigilant.