Healthcare IT Blog

Articles by Ashini Surati

PCI-DSS — A short acronym for a long journey — Part 3

Published on 01/15/2014 by Ashini Surati
Category: Compliance

So you think having an approved scanning vendor (ASV) scan a couple of your external IPs 4 times a year for a bundled cost of $189.00/year, and attesting to a questionnaire means you are PCI-DSS compliant? Think again. The goal is to complete due diligence to ensure a secure network and organization at all levels against all kinds of threats. Complete your assessment as discussed in Part 2 of this blog article (http://parkplaceintl.com/blog/pci-dss-short-acronym-long-journey-part-2/). You ...

PCI-DSS - A Short Acronym for a Long Journey - Part 2

Published on 06/27/2013 by Ashini Surati
Category: Compliance

So it seems that I took a long coffee break since my last blog on PCI-DSS! And yes, that coffee did come from the fancy machine that took my credit card on the 4th floor of your hospital!! Would you like a memory refresher on what I was talking about? Click here to read Part 1 of my blog. So where does a health care organization start when looking at compliance with these industry standards? ...

PCI-DSS – A Short Acronym for a Long Journey – Part 1

Published on 04/16/2013 by Ashini Surati
Category: Security

PCI-DSS stands for “Payment Card Industry – Data Security Standards”.  So why am I digressing in a Healthcare IT-related blog by writing about these standards?  Ok, let’s get right to the point here…. PCI-DSS applies to any entity that accepts, processes, or stores credit card information. So as a healthcare organization, where do you use credit cards?  Admitting?  Cafeteria?  Outpatient Services? Day Surgery?  Bariatric Center?   Clinics?  Outpatient Speech ...

Remembering the '90s

Published on 03/12/2013 by Ashini Surati
Category: Compliance, Security

Remember the 90’s? Yes, I am talking about the decade of grunge music, flannel shirts and the coming out of the Internet (World Wide Web). It was in that decade when HTML and Java were created; the digital answering machine, DVD and Web TV were invented; and the dot com boom took the world by storm. It was also the era when the Health Insurance Portability and Accountability Act (HIPAA) was enacted by Congress ...

“D” stands for “Documentation”....Darn it!!

Published on 02/08/2013 by Ashini Surati
Category: Healthcare IT

Have you ever had to write something and then get writer’s block?  Until you have the time to actually write something, your mind is going 100 miles an hour, but the minute you get in front of a screen to start typing, your mind goes blank?  Or you get distracted?  Happens to me quite a bit! So, anyway, why was I writing this blog?  Oh, that’s right, the importance of documentation…..Documentation is ...

Did You Do the Homework? - Considerations for the Cloud

Published on 01/17/2013 by Ashini Surati
Category: Healthcare IT, Cloud Computing

There are many covered entities out there including many large and small hospitals that may still be struggling with the decision to move to the cloud.  If you are, your mind is probably going at 100 miles per hour.  I know this because I have been there in your shoes.  Am I losing control of my data?  Where will my data reside?  How secure is my data?  What is the risk of my ...

Media Reuse and Disposal – The Burning Question...

Published on 12/11/2012 by Ashini Surati
Category: Compliance

A typical healthcare organization allocates between 1 and 3% of the total budget for IT. The IT staff is responsible for delivering technology that meets the expectations of savvy physicians, employees, and trendy patients. IT departments are always looking for ways to save money and work to balance risk vs. cost wherever possible. In this blog, I am bringing to light one of the burning questions that many IT departments still face - the reuse ...

On The Road to Compliance

Published on 10/25/2012 by Ashini Surati
Category: Compliance

Just like any industry, the healthcare industry has many regulatory compliance requirements to meet.  There is an alphabet soup of compliance-related acronyms – so many, in fact, that I occasionally might need to look one up to remember what it stands for! These include state, local and federal regulatory agencies or divisions,  industry or government mandated laws for compliance that apply in some shape or form to healthcare:   EPA, OSHA, EPCRA, SARA, TJC, FIFRA, TSCA, DOT, ...