The pMD Blog

Welcome to the
pMD Blog...

where we cover interesting and relevant news, insights, events, and more related to the health care industry and pMD. Most importantly, this blog is a fun, engaging way to learn about developments in an ever-changing field that is heavily influenced by technology.

Has Heartbleed Compromised Your Protected Patient Information?
Up until a couple of days ago, if you heard the word "Heartbleed," you probably would have thought it was a serious medical condition. Yet, on April 7, a new definition was introduced to the world. Heartbleed is the name of a software bug that allows someone to circumvent encrypted internet traffic. The scope of this bug is unprecedented; some estimate that more than two-thirds of all websites are vulnerable. Worst yet, this bug has been in existence since 2011.


How does Heartbleed affect you?


The span of the bug is staggering. If a site is vulnerable, sensitive information like passwords and encryption keys could be stolen. To put it simply, the entire server and its data could be compromised. If the site stores protected health information (PHI), then the consequences for a data breach are severe and dictated by government regulation.

So what can you do to stop the Heartbleed?


First, determine which of your favorite sites are vulnerable. There are some online tools that allow for some measure of independent checking, for example you can enter an address here and get a quick confirmation. If you haven’t seen any announcements from a particular site, you may also want to reach out to them and confirm. Once you determine a particular site has been patched, you should assume your current password has been compromised and go ahead and change it. If you’re a medical professional, we urge you to reach out to the websites you use, especially for charge capture, electronic health records, and other patient data, to get a definitive answer on each website’s security status regarding Heartbleed. If you’re a patient, you may want to reach out to your provider to make sure that they have confirmed your security through the websites that they use.

When news broke about this bug, we at pMD set out to determine our exposure. We quickly confirmed that we were using a more mature version of the affected software (OpenSSL), which the bug did not affect. At first this felt fortunate, and on reflection it validated some of the core principles of engineering at pMD. Although we pride ourselves in being innovative with features and making our users' lives easier, when it comes to security and its infrastructure, we are much more conservative. We only adopt the latest technology that has proven security. Owning and operating our own servers without any outsourcing gives us full control on implementing this philosophy. The data we’re entrusted to keep and protect ranges from patient records, charge capture, and secure messages, and in this case, our engineering philosophy helped ensure the security of our customers' and their patients’ precious data from one of the most catastrophic bugs to hit the internet.

You can learn more about Heartbleed here
5G ACA Account Management accurate coding ACI adoption Advancing Care Information Advice AHCA AHRQ AI Alternative Payment Model Amazon S3 Android API Apple appointment reminders Artificial Intelligence arts Audit Award Bay Area BCRA Benefits Best Place to Work Best Practices Big Data Billing Billing & Collections Billing Service Billing Services bootcamp BPCI BPTW Bundled Payment Model Bundled Payments Business relationships Care Communities care coordination Care Navigation Care Team Career Fair CDC Charge Capture Charge Capture App Charge Capture Software Charge Capture Solution Charge Capture Statistics Charge codes Charge Lag Charge Reconciliation CHIP CIO Claims Clinical Communication clinical data Clinical Data Registry Clinically integrated network Cloud CMS cms regulations Coding Collaboration Communication Company Culture Conferences Connected Health Record contact practice Coronavirus COVID COVID-19 COVID19 Cross-functional culture custom reports Customer Interaction customer relations customer service customer success customer support Customers Cyber Security cybersecurity Developer DHHS Diagnosis codes Dialysis discharge instructions Doctor EHR elderly Electronic Charge Capture Eligibility EMR Encryption End-to-End Platform epidemic Expansion FDA FHIR Flu fundamentals Gen Z GI GI Outlook Goals group messaging Health Care Health Care Technology Health Care Web Health Care. Health Care IT health data Health Information Exchange Health Record Healthcare Healthcare Data healthcare interface healthcare interface integration healthcare software HIE HIPAA HIPAA Compliance hipaa compliant communication hipaa compliant communication platform HIPAA-Compliant Hiring HL7 Holidays Home dialysis Home Health Hospital Census Hospital Communication humanity IA ICD-10 ICD-11 Immunizations Implementation Improvement Activities in-app calling inclusive software incorrect billing increase revenue injury rehabilitation innacurate coding Instant capture Integration interface interoperability iOS iOS 8 iOS7 iPad iPhone iPhone 6 IT Lead Generation length of stay LGBTQIA Long Term Care LTC Machine learning MACRA Medaxiom Medical Billers Medical Billing Medical Billing & Collections medical billing denials and solutions Medical claims Medical Coding medical coding accuracy medical coding quality Medical Errors medical practice revenue Medical Record Medical Software Medicare Mental Health Mentorship Messaging Messaging with Patients MGMA MIPS MIPS Registry mobile Mobile App Mobile Charge Capture Mobile EHR Mobile Health Mobile Messaging Mobile Payments Mobile security Mobile Software Mobile Technology Mobile telehealth Modern Healthcare Native App natural language processing Network new feature new features news NIH nlp OCM onboarding Oncology Care Model operations opioid crisis Pandemic Parenting Partnership partnerships Patient Patient access Patient Adherence Patient App Patient Care Patient Chat Patient chat routers Patient Communication patient data Patient Engagement patient experience patient experience cycle Patient Generated Health Data Patient Handoff Software Patient Information Patient Messaging Patient payments patient portal Patient Record Patient Safety Patient satisfaction Patient Simulators patient support Patient Visits Patient-Centric PCP Performance bonus PHI Phishing Scams Physician Physician burnout pmd pMD Pro pMD Team population health Population Health Management Post-COVID PQRS Practice Management Pregnancy Press Release Product Development Productivity products Promoting Interoperability Protected Health Information QCDR QPP Quality Data quality reporting Quality Scoring Ransomware RCM Recruiting Recruitment Reimbursement remote jobs Remote Work Reporting reports Residents Responsibility revenue cycle management ROI Rural communities Ryuk Sales Secure Communication Secure Data Secure Messaging Secure Messaging Video Secure Text Messaging Secure Video Secure Video Chat Security Audit self care seniors sexual orientation and gender identity SF Biz Times SMB SNF SNOMED-CT SOC 2 software vendor SOGI Spear Phishing Specialty Care success support TCM TDM Team Team culture Teamwork technology telehealth telehealth reporting Telemedicine telemedicine in long term care Telemedicine skilled nursing facilities Teletherapy Text Messaging texting Thanksgiving Therapeutic Drug Monitoring time-based billing training transgender Travel Upgrades UX Design VA vaccination records vaccinations Vaccine Value-based care Video Calling Video chat video communication video conferencing Virtual Care Virtual Visit voice calling voice memos WannaCry Wearable Device wearing many hats Web App wellness wfh Wireless Work From Home Work Life Balance Workflow optimization Workplace Culture