By:
On:
In: *Connecting the Dots Blog*, Campus Safety, Education, Emergency Management, School Safety

The Brazilian whose shooting spree left 12 school children dead was a loner who spent his days surfing the Web, and had been victim of schoolyard bullying and taunts.  His classmates and former teachers said he was routinely bullied at school, rejected and taunted by girls in class, and forced to endure “constant humiliation”. Lessons Learned:  There are several lessons learned from this tragedy.  Number One: Bullying can have a devastating effect on a child and can lead to severe violence.   Number Two: Multiple red flags were given prior to this attack: recent clothing changes, change in mental state, researching weapons online, withdrawing from society,Read More →

By:
On:
In: *Connecting the Dots Blog*, Legal, School Safety

  Lawsuits targeting school districts for allowing students to be bullied by other students are escalating. Lessons Learned: With new guidelines outlined in an OCR “Dear Colleague” Letter and an increase in bullying, harassment, discrimination and school violence, schools need to be aware of the potential risk of lawsuits.  School leaders must ensure all individuals (staff, faculty, parents, students, counselors, etc.) understand their roles and responsibilities for preventing and responding to bullying and how to report incidents of bullying.  Schools must implement comprehensive and ongoing protocols for responding to ALL incidents of bullying and cyber bullying with legal-ready documentation to avoid “deliberate indifference” claims andRead More →

By:
On:
In: *Connecting the Dots Blog*, Health Care, Regulatory Compliance

  A recent survey revealed that HIPAA is the most challenging regulation to businesses today. Lessons Learned: Regulatory requirements are updated regularly…Hackers, risks, threats, etc. are constantly changing. Staying up-to-date and within compliance is challenging, but critical.  Organizations must ensure all employees (and third-parties) understand their responsibilities to protect sensitive information.Read More →

By:
On:
In: *Connecting the Dots Blog*, Health Care, Information Privacy, Information Security, Regulatory Compliance

  OCR is offering HIPAA Enforcement Training to help State Attorneys General enforce the HIPAA Privacy and Security Rules and file federal civil lawsuits for HIPAA violations. Lessons Learned:  HHS and OCR are serious about Privacy and Security in Health Care.   Policies and procedures play a critical role in an organization’s culture of privacy and security and need to be updated as requirements, risks, regulations, etc. change.  Health care organizations will need to conduct internal audits and assessments rather than waiting for the OCR or AGs to arrive.  All employees and business associates must understand how to safely handle patient information and maintain a cultureRead More →

By:
On:
In: *Connecting the Dots Blog*, Information Privacy, Information Security, Regulatory Compliance

  Health Net exposed as many as 1.9 million customer records in a breach after its IT vendor misplaced nine server drives.  This is the second breach in two years for Health Net when a portable hard drive containing medical and financial information on 1.5 million customers disappeared from a facility in Connecticut. Lessons Learned:  Technology is not the problem..People are the weak link and the solution.   Devices are often lost and misplaced due to People not being aware of or not being accountable for the policies and procedures that have been put in place by the organizational responsible for protecting customer information.  Organizations mustRead More →

By:
On:
In: *Connecting the Dots Blog*, Uncategorized

  The California Division of Occupational Safety and Health recently fined the Children’s Hospital in Oakland for allegedly failing to protect workers from violence in the emergency department.  The hospital was penalized for “having an ineffective training program, incomplete and inadequate procedures to deal with safety concerns, and an incomplete and untimely hazard correction for workplace violence exposures in the emergency department.” Lessons Learned: The first lesson learned is obvious…organizations must have a comprehensive workplace violence program in place and ensure that all staff has been adequately trained on how to prevent and respond to incidents of violence, identify red flags and report all threats,Read More →

By:
On:
In: *Connecting the Dots Blog*, Incident Reporting, Information Privacy, Information Security, Risk Management

  CVS Caremark Corp has agreed to pay $17.5 million to resolve claims that it overbilled Medicaid.  The case was brought to the Justice Department by a whistleblower in Minnesota, who will receive $2.6 million. Which makes more sense to you and your bottom line?  A) Having employees report illegal and unethical situations internally so your organization can address situations and document them for legal and CYA purposes or B) having employees report illegal and unethical situations to the federal government and then dealing with expensive multi-million dollar fines, spending time and money and resources on repairing reputations and having the whistleblower get paid millions too?Read More →

By:
On:
In: *Connecting the Dots Blog*, Education, School Safety

  The parents of a bullied student who committed suicide in 2009 have filed a lawsuit against the Hillsborough School Board claiming school officials failed to take proper steps after learning their daughter showed signs of being suicidal. Lessons Learned:  If a student signs “a formal contract in which she expressly agreed not to commit suicide” at school with a school social worker…does the school have the responsibility to tell the student’s parents about the signed contract? School boards and school leaders need to make sure their policies and procedures define situational awareness – what steps should be taken in different situations – so counselors,Read More →

By:
On:
In: *Connecting the Dots Blog*, Health Care

  A new study revealed an enormous patient safety gap – up to 90 percent of patient injuries, infections and other safety issues are not being recorded.   What does this mean for hospitals?  What does this mean for patients?  What does this mean for regulators? Lessons Learned:  Hospitals face serious patient safety and patient quality challenges and the key to improving patient safety will be their People – management, nurses, doctors, staff, partners, business associates, etc.  Hospitals must ensure every individual has situational awareness and accountability for better decision making and a comprehensive incident reporting and incident management platform will be critical to get theRead More →

By:
On:
In: *Connecting the Dots Blog*, Health Care, Information Privacy

  Despite stricter privacy and security regulations, hospitals are struggling to protect patient information.  According to a recent Ponemon Study, breaches are costing the health care industry $6 billion annually. The top three causes of breaches: Unintentional employee action Lost or stolen computing devices Third-party accidents   Lessons Learned:  Failure to protect sensitive and personally identifiable information is expensive and damaging to a health care organization’s reputation.  Organizations need to complement their general awareness with ongoing situational awareness programs to ensure all employees (and third-parties) understand their individual roles and responsibilities for protecting sensitive patient information.  With mounting regulatory changes and the move to electronicRead More →