How to Protect Your Organization from Cybercriminals

cybersecurity

No workplace is entirely immune to the threat of a security or data breach. The healthcare industry is particularly vulnerable and has become one of the largest targeted industries for cybercriminals. Medical records contain the most sensitive of personal information including Social Security Numbers, health records, and other contact information. As many as 90% of healthcare providers have experienced a breach in the last two years. Over half of these breaches are deemed to be criminal in nature, according to a study from the Penemon Institute, a privacy and security independent research firm (from Bloomberg, 05/07/2015).

Each member of a healthcare organization’s workforce has a responsibility to protect the privacy and security of all patient information. Implement the necessary safeguards by conducting a cybersecurity risk assessment within your organization.

Cybersecurity best practices:

Conduct an initial audit to determine potential exposures for your organization as well as to establish an action plan for identifying and implementing proper controls.

Establish written policies detailing your organization’s cybersecurity safeguards, including topics such as password protocols, guidelines for internet use, customer data control, and penalties for policy violations.

Keep hardware and software up-to-date to decrease risk from the latest malware or other security threats.

Secure your internet connection, including implementing a firewall and assuring that Wi-Fi signals are secure and encrypted.

Manage employee access to the internet or customer data by creating separate, password-protected user IDs for all employees and only granting employees access to systems needed to perform their job.

Keep systems used for payments separate from other potentially less secure systems.

Work with banks to make sure that the payment systems and services in place are trusted and secure.

Make regular backups of vital data, including internal documents and customer information.

Store data backups offsite, either at a remote location or in the cloud.

Implement physical security measures, such as keeping network equipment, servers, and other hardware in locked or restricted-access areas.

Secure mobile devices by requiring password protection and installing trusted security and anti-fraud systems.

Require employees to change their passwords at regular intervals, and consider implementing multi-factor authentication systems.

Succeed Management Solutions, LLC offers toolbox talk resources on related topics, with titles such as: Cybersecurity for Small Businesses, Cyber Security Planning Guide, and Ten Cybersecurity Tips for Small Businesses, provided by the Federal Communications Commissions. For healthcare organizations, Succeed has released a new HIPAA training series on the Privacy, Security, and Breach and Noncompliance components of the HIPAA law, including an awareness-level course for the workforce.

Zika Virus – What You Need to Know

Zika virus

The Zika virus is primarily transmitted through the bite of an infected Aedes species mosquito, which are most active during the day. Because the symptoms of the virus often go undetected, many people may not realize they are infected. Although people very rarely die of Zika, it can cause permanent damage to unborn infants which gives pregnant women the most cause for concern (CDC).

In addition to the bite by Aedes mosquitos, Zika has proven to be transmitted through blood transfusion, sexual contact, and from mother to child through pregnancy.

Outbreaks of Zika virus have previously been recorded in tropical Africa, Southeast Asia, and the Pacific Islands. Outbreaks are now present in the subtropical Americas, beginning in Brazil in 2015 and spreading to other countries in South America, Central America, Mexico, and the Caribbean.

Learn how to identify the virus and reduce the chances of contracting Zika virus:

Symptoms
• About 1 in 5 people who contract Zika will develop symptoms, and the illness is generally mild. Hospitalization or death are very rare.
• Symptoms of Zika infection typically begin 2 to 7 days after being bitten by an infected mosquito and last several days to a week.
• Symptoms include fever, rash, joint pain, headache, or conjunctivitis (red- or pink-eye).
• Zika virus usually remains detectable in the blood of an infected person for a week or longer.
• Zika virus is believed to be linked to some rare medical conditions, such as Guillain-Barre syndrome and myelitis, but large-scale studies to prove this connection have yet to be completed.

Pregnancy Concerns
Current scientific studies have found the following:
• Zika virus infection in a pregnant woman could affect the fetus at any stage of gestation.
• In an infected fetus, there is increasing evidence of a link to microcephaly, placental damage, central nervous system injury, slow growth, a large range of other birth defects, miscarriage and still birth.

The CDC currently recommends the following for pregnant women:

• Do not travel to areas with ongoing local transmission of Zika virus. However, if you do, report this information to your doctor.
• If a male partner has travelled to areas with Zika infection, either abstain from sex or use condoms during intercourse for the duration of the pregnancy.

Prevention
There is no vaccine to prevent Zika infection. Instead, prevent mosquito bites by:
• Using screens on windows and doors and sleeping under mosquito netting if necessary.
• Wearing long-sleeved shirts and pants and covering exposed skin.
• Using an EPA-registered insect repellant when outdoors.
• Use condoms and other contraception, especially for men in sexual contact with women who are pregnant.
• Postpone travel to areas where a Zika outbreak is growing.

Response
• If you suspect you have been infected, immediately contact your healthcare provider.
• Do not take aspirin or other NSAIDS (non-steroidal anti-inflammatory drugs) until dengue can be ruled out.
• The CDC recommends taking acetaminophen or paracetamol to reduce fever and pain.
• Unfortunately, there are no specific medications used to treat the symptoms.
• Drink fluids to prevent dehydration.
• Get plenty of rest.
• If you know you have contracted Zika, avoid mosquito bites during the first week of your illness to limit spread of the disease.

PLEASE NOTE:
Information about Zika virus disease is constantly evolving. For more information and current updates, please refer to the Center for Disease Control (CDC) website at www.cdc.gov/zika/index.html.

The World Health Organization (WHO) has also launched a global response plan to aid the world’s response to the spread of Zika virus.

March is Workplace Eye Wellness Month! Reevaluate your Eye Safety Programs

eye protection

Nearly 1 million Americans have lost some of their sight from an eye related injury, according to Prevent Blindness America (PBA). Eye wellness is important and something we may take for granted until a preventable accident occurs.

In light of Workplace Eye Wellness Month, make it a priority to review safety procedures and raise awareness about the importance of eye safety.

The Importance of Eye Protection

The majority of work-related eye injuries are a result of flying or falling objects or sparks striking the eye.

Other common potential hazards include the following:

• Fumes
• Vapors
• Chemical splashes
• Extremely bright or hazardous light, such as from welding

Common Types of Eye Protection

A job hazard assessment should be performed prior to the start of a particular task to determine the type of eye protection required.

Safety glasses protect against low-to-moderate impacts and sparks from activities such as grinding and woodworking. Only use safety glasses with side shields.
Goggles form a protective seal around the eye area to better protect from hazardous chemical vapors, splashes, or dust or other small particles that may enter the eye. Make sure that your goggles include ventilation mechanisms to prevent fogging.
Face shields protect the entire face against flying particles, sparks, splashes, harmful mists, and other hazards.
Welding masks are specially designed to protect from radiant energy, sparks, and metal splatters from welding.

Proper Use

• Always wear proper eye protection where required, even if danger to your eyes seems remote.
• Before use, verify that your equipment is appropriate for the task.
• Inspect eye protection prior to each use.
• If you wear prescription eyewear, use eye protection that accommodates it. Prescription eyewear by itself is not a substitute for safety glasses or goggles.
• When welding or cutting, always wear safety glasses or goggles underneath face shields or welding helmets.
• When your work is complete, store eye protection properly and away from extreme temperatures or direct sunlight.

Those working in office settings are encouraged to follow the 20-20-20 rule to reduce the risk of digital eye strain: Take a 20-second break by looking at something 20 feet away every 20 minutes.

Succeed Management Solutions, LLC offers an Eye and Face Protection online training course that outlines a manager’s responsibility to educate employees on safe equipment use and controls. Other related toolbox talk safety documents include: PPE – Tinted Safety Glasses, PPE – Machines and Clothing, Digital Eye Strain and more. Safety videos are also available in English and Spanish on the topics of Eye Safety and Eye Safety in Construction Environments.

Is your Organization Prepared for an Earthquake?

earthquake map

This USGS map indicates potential earthquake strength, with darker areas indicating stronger quakes.

A 2015 U.S. Geological Survey revealed that nearly half of Americans living in the United States are in danger of experiencing potentially damaging earthquakes.

The Obama Administration has recently announced a new initiative aimed at strengthening the Nation’s resilience to earthquakes by increasing public safety and improving architecture and warning systems.

Ensure all employees know what to do when an earthquake occurs: incorporate earthquake safety procedures into your workplace Emergency Action Plan.

Workplace preparation:

• Your organization’s Emergency Action Plan should include the following:
‒ Evacuation procedures
‒ Instructions to follow during and after the event
‒ Medical and rescue duties for designated employees

• The plan must consider construction and the type of ground it is built upon, as certain ground types and structures are more susceptible to collapse and damage.

• Emergency supply kits should be placed throughout the workplace with such items as flashlights or light sticks, first aid kits and handbooks, blankets, bottled water, dust masks, and fire extinguishers.

• Assure that everyone completes the necessary training:
‒ Everyone should be trained in earthquake response procedures, designated safe places, evacuation plans, and the locations of emergency supply kits.
‒ Designated employees can be trained in first aid and fire extinguisher use.

Succeed Management Solutions, LLC offers a newly updated Emergency Action Plan online training that describes the process of deploying an emergency action plan in the workplace. Other related toolbox talk safety documents include: Emergency Preparedness for Businesses, an Emergency Action Plan policy, and an Emergency Preparedness policy. There is also a safety video available on Emergency Planning in both English and Spanish.

Succeed Management Solutions, LLC Doubles Training Library in 2015

GIF of trainings

In 2015, Succeed Management Solutions, LLC released 37 new online training courses. These courses cover a diverse range of industry topics in both English and Spanish, including Trenching and Shoring, Active Shooter Preparedness, Patient and Resident Handling and many more. Also, 38 existing online training courses on general industry topics have received significant improvements to their content, appearance, and functionality, including Slip, Trip and Fall Prevention, Workplace Violence, and Bloodborne Pathogens.

The Succeed Risk Management Center® resource library has also grown to include over four hundred comprehensive safety training materials that have been updated and created to complement each online training course.

In the New Year, Succeed is continuing to expand their risk management library while focusing on the development of new online training courses that address several different industry topics and current anticipated OSHA rules including: Food processing, DOT/CDL, and Crystalline Silica Exposure.

Check out Succeed’s current list of Online Training Titles

Reminder: Post OSHA 300A Summary Form by February 1st

Employers with 11 or more employees (including temporary employees) are required to post the OSHA 300A Summary form in a public area of the workplace from February 1 through April 30, 2016, for the previous year. This form is a representation of the total number of injuries and illnesses recorded for the year, as documented in the OSHA 300 Log. The OSHA 300 Log is an ongoing list of all recordable injuries, illnesses, and fatalities at an organization.

There are exempt industries that are not required to post the OSHA 300A Summary, however since January 1, 2016, OSHA has decreed that additional industries are now required to post this form. These industries include automobile dealers, bakeries, beer, wine, and liquor stores, performing arts companies, special food services, building material and supplies dealers, and more. Even if your organization is exempt, you still have to complete the forms if there has been a fatality, in-person hospitalization, amputation, or if an employee lost an eye due to a work-related incident.

The OSHA 300 forms are requested in any OSHA visit. Citations and fines may result if your organization does not comply. Regardless of OSHA, it is a best practice to keep a record of all injuries, and perform investigations to assess the root causes, at risk behaviors, and other factors that can help organizations prevent injuries.

Please use these links below for more information on the OSHA 300 log process, or to sign up for a free webinar.

View a short introductory video on the OSHA 300 logs
Sign up for a free educational webinar on the OSHA 300 log process
View the pre-recorded educational webinar

Prevent Infection in the Workplace

bloodborne pathogens

Protection against potentially infectious materials is an important part of workplace safety. During normal activities, most of us are occasionally exposed to the bacteria Staphylococcus aureus (staph) and Methicillin-resistant Staphylococcus aureus (MRSA) (from http://www.cdc.gov/niosh/topics/mrsa/). Infection and illness can occur without the proper hygiene.

Staph and MRSA
• Staph is a bacteria commonly carried on the skin or in the nose of 25% – 30% of healthy people.
• MRSA encompasses types of staph that are resistant to certain antibiotics. They are present on or in about 1% of healthy people.
• Unless staph enters the body through a cut or other wound, it is generally harmless.
• Staph and MRSA infections frequently occur among people in hospitals and healthcare facilities but can also occur in schools, libraries, stores, daycare centers, and private companies.

Safeguards
• Wash hands thoroughly with soap and water or by using an alcohol-based hand sanitizer.
• Do not share personal items like uniforms, personal protective equipment (PPE), clothing, and towels.
• Establish cleaning procedures for frequently touched surfaces.
• Keep cuts and scrapes clean and bandaged until healed.

Symptoms and Treatment
• A minor staph or MSRA infection may look like a pimple or boil and can be red, swollen, painful, or have pus or other drainage.
• Serious infections may cause headaches, fever, pneumonia, and potentially life-threatening infections in the bloodstream or surgical wounds.
• Many staph skin infections can be treated by draining the abscess or boil and will not require antibiotics.
• Treatment can sometimes require antibiotics as prescribed by a trained healthcare provider.
• If you might have a skin infection, consult a healthcare provider as soon as possible.

Succeed Management Solutions, LLC offers a newly updated Bloodborne Pathogens online training with the most current standard precautions to follow in the workplace. New posters and toolbox talks are available to use as informational aids on topics of: sharp container safety, common viruses, bloodborne pathogens and staph/MRSA precautions.

Driving Safely in Winter Weather

winter driving

During the winter season, drivers should be aware of different conditions on the road. Due to shorter days, drivers spend more time driving in the dark and in low- visibility conditions. Roads can be slick and other seasonal elements can threaten vehicle safety.

Assure employees are prepared for driving in inclement weather conditions by communicating the following:

Give yourself adequate time to reach your destination. Allow for an extra 5 – 10 minutes (or even more time) to account for poor weather and road conditions.

Leave plenty of space for other vehicles. Increase your following distance to compensate for reduced reaction times and longer braking distances.

Increase your visibility to others. Use your headlights to assure your vehicle is visible to other drivers.

Keep your vehicle properly maintained. Assure that vehicle components such as the battery, tires, brakes, lights, wipers, and fluid levels are in adequate condition before starting to drive.

Keep emergency supplies in your vehicle at all times. Make sure that your vehicle contains extra blankets, tire chains, emergency signals or flares, water, and nutritious dried or canned food.

Know who to contact in the event of an accident or breakdown.

Keep your phone charged. Help ensure that you will be able contact emergency services.

Succeed Management Solutions, LLC offers a series of Driver Safety online training courses on topics of: defensive driving, distracted driving, and general driver preparedness for non-commercial drivers. Toolbox talk resources are offered on a variety of topics such as: vehicle maintenance, winter driving, winter preparation, and more. There is also a safety video available in both English and Spanish on Winter Safety.

Is Your Organization Prepared for an Active Shooter Situation?

active shooter preparedness

No workplace is immune to the risks of an active shooter incident. However, there are steps you can take to assure your organization is prepared for the worst.

Emergency Action Plan

Tailoring an emergency action plan to your organization helps employees understand the proper procedures for dealing with an active shooter situation and its aftermath.

  • Your plan should include:
    • How to report emergencies to proper authorities and remote locations within the premises.
    • Contact information for area hospitals and emergency personnel.
    • Evacuation policies and procedures.
  • When creating your plan, work with Human Resources and training departments, as well as external resources such as facility owners, property managers, and local law enforcement.

Training Exercises

Training exercises and simulations of active shooter situations can educate employees on your organization’s emergency action plan and reinforce practices that can help save lives.

  • The training should include:
    • Exercises to help recognize and react properly to gunfire.
    • When to call 911.
    • What to do when law enforcement arrives.
    • Exercises to develop a “survival mindset.”
  • Contact local law enforcement and emergency response agencies if you have any questions about the design or facilitation of training exercises.

Preventative Measures

Organizations can take steps to minimize the chances of an active shooter situation.

  • Cultivate a respectful environment in the workplace.
  • The responsibilities of organizational and facility management include the following:
    • Proper screening and background checks
    • Adherence to procedures for reporting violent behavior
    • Implementation of access controls throughout the premises
    • Distribution of floor plans
    • Crisis kits


Warning Signs

Before an incident, active shooters usually exhibit traits of potentially violent behavior over an extended period of time. Know the warning signs and train employees to be aware of them. Employees should report signs of potentially violent behavior to a manager or HR.

Common traits that may be indicative of potentially violent behavior include the following:

  • Feelings of depression or withdrawal
  • Increased use of drugs or alcohol
  • Decreased attention to personal appearance or hygiene habits
  • Resistance to policy or procedural changes or disregarding the existing organizational policies
  • Severe mood swings, unprovoked outbursts of anger, or unstable, overemotional reactions
  • Increased talk of personal issues, suicide or death, firearms, or violent crimes

 

Please note that this list is not comprehensive, nor is it to be used as a diagnostic tool.

Succeed Management Solutions, LLC offers an Active Shooter Preparedness online training course for your organization that includes information on organizational preparedness, preventive measures, active shooter response, and post-incident actions.

The Right Body Protection Can Save Lives

Body Protection

Hazards are present in every workplace. The Bureau of Labor Statistics reveals the majority of workplace injuries occur while workers are performing their normal job duties at their regular work sites.

In many industries, avoiding injuries and incidents depends on correctly identifying and acquiring the proper personal protective equipment, or “PPE” for the task.

Body protection generally protects the torso, but can also include full-body coverage that can protect from chemical splashes, sharp objects, or welding sparks. The proper type and condition of equipment will need to be determined by a job hazard assessment conducted before the work begins.

Note: Body Protection and other PPE will not completely eliminate hazards.

The most common types of body protection include the following:

Common Types
• Aprons
• Laboratory coats
• Front or rear gowns
• Vests
• Jackets
• Coveralls
• Chaps
• Full body suits

Common Materials
• Paper or fiber
• Rubber
• Treated wool or cotton
• Leather

Before use:
• Assure employees have been fully trained on its proper use
• Inspect body protection for holes, cuts, or other noticeable signs of wear
• Replace any worn or damaged articles
• Assure body protection fits properly. Ill-fitting clothing may result in additional hazards such as trips and caught-in hazards.

After use:
• Perform on-site cleaning and maintenance of equipment. Do not clean body protection items at home or in public laundromats.
• If working with chemicals, biohazards, or other hazardous materials, remove and properly dispose of any contaminated clothing immediately.

Succeed Management Solutions, LLC offers a newly updated Personal Protective Equipment training course for management that includes information on hearing, respiratory and full-body protection, PPE selection, inspection, and maintenance. A series of toolbox safety documents are also available about specific types of PPE such as eye, foot and hand protection, and types of machinery and clothing.