Is your phone being spied on? | AdvancedMD

Features Navigation

Live Chat (800) 825-0224 Live Demo

← Back

Is your phone being spied on?

Disclaimer: This blog article was written by an AdvancedMD partner. The views and opinions expressed in this article are those of the author(s) and do not necessarily reflect the official policy or position of AdvancedMD.

Citizen Lab recently announced they discovered dozens of individuals whose iPhones had been compromised by spyware known as Pegasus. Pegasus is just one example of malware that, once installed on a mobile device, can secretly record phone calls, access the camera, access passwords on the phone, and track the phone’s location. The difference here is that there was no user click through required to initiate install—the malware installed itself automatically.

Very often when we write about malware, we are talking about receiving an email or other communication that entices us to click on a link or an attachment in order to initiate install. The malware in question here is much more sinister. Known as a “Zero-Click” attach, the malware is sent to an iPhone as an iMessage and simply installs itself.

Each day new vulnerabilities are being discovered in technology, and each day our data is more and more at risk. In the past, we’ve heard that Apple products are safe and do not pose the same level of risk as other brands. This was true when the cell phone and computer markets were dominated by Microsoft and Android. Now, with the large footprint Apple has both in cell phones and desktops, these devices have become a much bigger target for hackers looking to access personal data.

Having a documented HIPAA Security Manual and Risk Mitigation plan helps your practice put measures in place so you can be proactive about securing data. An important takeaway from the Pegasus event though is that, no matter what processes we have or preventative actions we take, we can never be 100% protected from security breaches.

The key is to be prepared in case there is a breach. When a HIPAA event occurs, the fist thing an investigator will ask for is your most current HIPAA Security Manual and HIPAA Risk Mitigation Plan. If you are not able to produce documents that demonstrate a good faith effort to protect your records, the government is required to fine you. These fines can be in the tens of thousands of dollars.

If you have not completed your HIPAA Security Manual and Risk Mitigation plan, TLD Systems can help with the process. It can not only help reduce your risk of a HIPAA event, but can ensure your are prepared in case there is one. For more information, please contact Dr. Michael Brody at TLD Systems.
[email protected]
(631) 403 6687

Michael Brody, DPM
Dr Brody has been actively involved in Computers and Medicine since the 1980’s. Dr Brody as a Residency Director at a VA hospital on Long Island and was present as the VA moved from paper records to computerized records. During this time, he was exposed to the stringent rules and regulations that government employees need to adhere to when protecting patient information. He co-founded TLD Systems with Warren Melnick to create a platform that doctors who wish to work in private practice have a cost-effective method of implementing HIPAA compliance in their practices in a manner that does not interfere with their ability to practice medicine. He has served on the Health Information Technology Standards Panel (HITSP), the Standards and Interoperability Framework (S&I), as a member of the Ambulatory Care Committee at the Certification Commission on Health Information Technology (CCHIT), and numerous other organizations. He is currently a member of the Physicians Committee at the Healthcare Information and Management Systems Society (HIMSS) and a co-Chair of the EHR workgroup at Health Level Seven International (HL7)


Other Resources Related to This Topic

No results found

“The money I have invested in AdvancedMD is miniscule compared to the return. I have never been more efficient – ever – in my professional life as I am now.”

Jed Shay, MD
The Pain Care Center

Read the story  ›

“[Our] patients are very well-educated and well-informed, and they want to see results quickly. The practice has to run extremely efficiently and be accessible to them. The nice thing about [AdvancedMD] is it has allowed me to be more efficient both in and out of the office. Now I don’t have to come back into the office, which is great for my family and everything else. It saves me a lot of time – probably an hour a day on the three days I work in the second office.”

Keith Berkowitz, MD
Center for Balanced Health

Read the story  ›

“The best thing I ever did in private practice was getting AdvancedMD—it has liberated me.”

Estaban Lavato, MD
La Loma Medical Center

“Having integrated practice management and EHR is absolutely wonderful, you don’t have to flip back and forth between systems—all of your information is at hand when needed.”

Raju Raval, MD

Read the story  ›