HIPAA Compliance for Medical Practices
77.1K views | +13 today
Follow
HIPAA Compliance for Medical Practices
HIPAA Compliance and HIPAA Risk management Articles, Tips and Updates for Medical Practices and Physicians
Your new post is loading...
Your new post is loading...
Scoop.it!

Understanding the HIPAA Security Rule: Administrative Safeguards

Understanding the HIPAA Security Rule: Administrative Safeguards | HIPAA Compliance for Medical Practices | Scoop.it

The Administrative Safeguards are the most comprehensive standards, as they cover over half of the HIPAA Security Rule. These standards encompass many of the oversight aspects of managing a covered entity. The other two posts in this blog series covered Technical Safeguards and Physical Safeguards.

 

The Department of Health and Human Services defines these safeguards as “administrative” actions, and policies and procedures, to manage the selection, development, implementation, and maintenance of security measures to protect ePHI and to manage the conduct of the covered entity’s workforce in relation to the protection of that information”.

 

Administrative Safeguards are broken down into the following standards:

  • Security Management Process: A covered entity must implement policies and procedures to prevent, detect, contain, and correct security violations. There are four required implementations for this standard:
    • Risk Analysis
    • Risk Management
    • Sanction Policy
    • Information System Activity Review
  • Assigned Security Responsibility: This standard requires the designation of a security official who is responsible for the development and implementation of policies and procedures.
  • Workforce Security: Under this standard, a covered entity must implement policies and procedures to ensure that all staff members have appropriate access to ePHI, and also to prevent those workforce members who do not have permission, from accessing it. There are three addressable implementations under this standard:
    • Authorization and/or Supervision
    • Workforce Clearance Procedure
    • Termination Procedures
  • Information Access Management: This standard relates to the implementation of policies and procedures regarding the authorization of access to ePHI. There are three addressable implementations under this standard:
    • Isolating Healthcare Clearinghouse Functions
    • Access Authorization
    • Access Establishment and Authorization
  • Security Awareness and Training: Under this standard, a covered entity must have a security awareness and training program for all members of its workforce, including physicians and management. There are four implementations for this standard:
    • Security Reminders
    • Protection of Malicious Software
    • Log-in Monitoring
    • Password Management
  • Security Incident Procedures: Covered entities must have policies and procedures in place to address security incidents. There is one implementation:
    • Response and Reporting
  • Contingency Plan: The purpose of this standard is for covered entities to establish policies and procedures for responding to emergencies or other occurrences (fire, vandalism, natural disasters, etc.) that may damage systems containing ePHI. There are five implementations for this standard:
    • Data Backup Plan
    • Disaster Recovery Plan
    • Emergency Mode Operation Plan
    • Testing and Revision Procedures
    • Applications and Data Criticality Analysis
  • Evaluation: This standard requires covered entities to perform periodic technical and nontechnical evaluations in response to environmental and operational changes affecting the security of ePHI.
  • Business Associate Contracts and Other Arrangements: The final standard relates to the relationship between a covered entity and the vendors it uses. It states that the covered entity may permit a business associate to create, receive, maintain, or transmit ePHI on the covered entity’s behalf, only if the covered entity obtains the correct assurances. There is one implementation under this standard:
    • Written Contract or Other Arrangement

HIPAA Administrative standards provide a broad and wide-encompassing scope of administrative functions that a covered entity must implement regarding the security of ePHI. Here are some basic practices that a covered entity can put into place:

 

  • Perform a regular risk analysis of systems used by the office to determine any new vulnerabilities or weaknesses.
  • Appoint a HIPAA Security Officer who oversees the implementation of these standards and maintains all policies and procedures related to security measures.
  • Ensure that all staff members adhere to a policy of creating strong passwords to access workstations/software programs that access ePHI. These passwords should not be common words or phrases and should not be shared among employees.
  • Create regular backups of any servers or systems that process ePHI. This can be done via a cloud-based system or an encrypted backup tape/hard drive.
  • Immediately remove access to any programs that process ePHI (EMR, billing/scheduling software, etc.) for any employee that becomes no longer associated with the covered entity (termination or job change). This will help prevent improper access to patient data.
  • Obtain and maintain Business Associate Agreements (BAAs) with any third-party vendors that store or process PHI. These agreements must ensure that the vendor will appropriately safeguard patient information.

 

As with Physical and Technical Standards, Administrative Standards need to be reviewed for each covered entity through an annual HIPAA Security Risk Assessment. These assessments are not only mandatory, but they are essential to determine any risks that can lead to a breach of data.

 

In closing, the HIPAA Security Rule covers a wide range of standards and implementations that covered entities must employ to ensure HIPAA compliance. Failure to adhere to these policies can lead to OCR (Office of Civil Rights) sanctions in the forms of audits and even severe civil penalties.

Technical Dr. Inc.'s insight:
Contact Details :

inquiry@technicaldr.com or 877-910-0004
www.technicaldr.com

more...
Scoop.it!

Is it time for your Annual HIPAA Risk Assessment?

Is it time for your Annual HIPAA Risk Assessment? | HIPAA Compliance for Medical Practices | Scoop.it

Top 5 actions you can take to prepare for your next HIPAA Compliance review or risk assessment:

  • Identify where all your Patient Health Information (PHI) is stored, received, maintained or transmitted.
  • Assess current security measures used to safeguard PHI.
  • Make a list of all vendors that may have access to your PHI.
  • Have all your written HIPAA Policies and Procedures in place.
  • Be ready to document the assessment and take action where necessary.

Identify where your PHI is stored:

On your Computer?

  • Electronic Health Records (EHR)
  • Shared network drives
  • Word documents
  • Faxes
  • Recycle bin
  • Emails

In your office?

  • Paper Charts or files
  • File rooms and closets
  • CDs and USB drives
  • Old computers/servers that are no longer in use
  • Shredders or shred bins
  • Tablets and other mobile devices
  • Diagnostic equipment such as ultrasound machines and scanners.

Within your network storage?

  • A database
  • Other folders on the hard drive
  • Unencrypted images on other folders
  • Remote servers
  • Documents on network shares

On the cloud?

  • Electronic Health Record systems
  • Online cloud backup service
  • e-Fax services
  • Online file storage and transmission services such as Box, Dropbox, Google Drive.
  • Email services

How to Safeguard your PHI?

  1. Administrative Safeguards are used to develop a formal security management process including having written HIPAA Policies and Procedures readily available for medical office staff. Require that all staff, including physicians undergo security training to stay current on the laws and guidelines. Develop policies and procedures for the transfer, removal, and reuse of PHI.  
  2. Physical Safeguards are used to secure location and workspaces for staff members limiting access to unauthorized people and potential intruders. Provide Physical Cameras and Alarm systems as needed. Lock all IT equipment and limit access to authorized personnel only.
  3. Technical Safeguards are used to secure and control access to ePHI.  This is done in many ways such as establishing passwords, PIN numbers, implementing automatic logoff control. Ensure that antivirus is updated on all PCs. The PCs/Laptops on which PHI data and Images are stored should be fully encrypted. Do not share passwords.

What are compensating controls?

Compensating controls or alternative controls are put in place to satisfy the requirement for a security measure that is impractical to implement at the present time.

Examples of compensating controls:

When a medical office has paper charts that are filed on open shelves in a storage room or behind the reception desk, it is recommended to lock the charts at the end of the day.  Many times it is not practical to put locks on all open shelves that are used to file charts.  A compensating security measure can be used to install cameras surrounding the premises to monitor and record all activities. It is important that you also have a process in place to monitor the video recordings periodically.

Or

If an Ultrasound Technician uses CDs, Tapes, and Disks to store images or uses a USB hard drive to transfer the images to PCs and the EHR, then these devices have to be encrypted.  Many times, the Technician is not sure if the Thumb drives are encrypted. A compensating control here would be to lock the CDs and flash drives in a cabinet when not in use.

The Health Insurance Portability and Accountability Act (HIPAA) is primarily concerned with the Privacy and Security of Patients' Protected Health Information.  All entities that come into contact with Protected Health Information on a regular basis are covered under the Act.  Has it been more than one year since your last HIPAA Risk Assessment?  Or have you never had a HIPAA Risk Assessment done before? Either way, be sure to schedule your 2018 HIPAA Risk Assessment and 2018 HIPAA Training right away - don't wait until its too late.

Technical Dr. Inc.'s insight:
Contact Details :

inquiry@technicaldr.com or 877-910-0004
www.technicaldr.com

more...
No comment yet.
Scoop.it!

Is Your Practice HIPAA Compliant?

Is Your Practice HIPAA Compliant? | HIPAA Compliance for Medical Practices | Scoop.it

Is Your Practice HIPAA Compliant?

With considerations and requirements that can be somewhat overwhelming, achieving HIPAA compliance can be quite challenging for medical practices. Even for those well acquainted with HIPAA provisions, there’s always the possibility of gaps and weaknesses. According to the Department of Health & Human Services (HHS), an average of 1,445 complaints has been submitted each day during the calendar year 2018. This staggering statistic means there is much cause for concern.

 

Often, the missteps in HIPAA compliance aren’t deliberate or due to lackadaisical procedures, but rather the result of insufficient documentation and/or inefficient tools. The first step in determining where your vulnerabilities lie is through a Security Risk Analysis. However, a Risk Analysis is often considered the Achilles heel for practices, requiring substantial documentation on multiple processes and contingencies. While the many complex layers of a Risk Analysis present multiple opportunities for errors to occur, its importance in passing audits and being prepared is invaluable.

 

Security Risk Analysis

The Office of Civil Rights (OCR) has determined that the Risk Analysis, which is derived from the Security Rule, to be the foundation of a HIPAA-compliant program. The Risk Analysis and its significance in HIPAA compliance impacts every part of the healthcare ecosystem. There are no opt-outs of HIPAA compliance, no matter the size of an organization or any other influencing factors. Every organization that transmits any Personal Health Information (PHI) in an electronic format or in data content in connection with a transaction for which HHS has adopted a standard, must be HIPAA-compliant. This includes providers such as doctors, clinics, psychologists, dentists, chiropractors, nursing homes, pharmacies, health insurance companies, HMOs, company health plans, government and military/veteran health care programs, health care clearinghouses, and/or MACRA/MIPS participants.

 

In straightforward terms, per the HHS site, the purpose of the Risk Analysis is to “conduct an accurate and thorough assessment of the potential risk and vulnerabilities to the confidentiality, integrity, and availability of electronic protected health information held by the [organization].” To ensure that information is protected and safeguarded by HIPAA standards, the Risk Assessment takes into account three separate organizational areas: physical, technical, and administrative. Each division must have its own plan for compliance, detailing both strengths and possible weaknesses. It’s also not a one and done type of exercise–plans must evolve throughout a healthcare organization’s lifespan.

 

Risk Analysis and Meaningful Use

In today’s medical profession, failing a Meaningful Use (MU) audit isn’t as uncommon as one would hope. In fact, the Morning eHealth section of Politico magazine reported that according to Centers for Medicare & Medicaid Services (CMS) data, 209,000 doctors and providers were penalized for failure to meet MU standards in 2014, which is approximately two in five physicians practicing in the U.S. Failing a Meaningful Use audit often comes down to the same weak link—either the lack of, or the insufficiency of, a practice’s Risk Analysis. And further reports on 2016 HIPAA audits by HHS.gov have found that organizations did not have an adequate Risk Analysis 83% of the time. As the foundation for HIPAA compliance, it’s simple to see that Risk Analysis deficiencies can impact many other components of the compliance network as well.

Risk Analysis: The Center Piece of a Much Bigger Compliance Puzzle

Risk Analysis sets the tone for HIPAA compliance and having a sound plan that details strategies in all three areas are essential. However, many other pieces must fit together to complete the puzzle. Remaining compliant is an ongoing act of vigilance. Policies and procedures must be drafted that define processes to safeguard PHI, and should include Disaster Recovery and Business Continuity Plans—compliance must continue even when the worst scenario occurs. In addition, everyday operating initiatives must be supported, such as password protocols and staff training. In fact, staff should be trained in PHI security within 90 days of hire, with continued education scheduled on an annual basis.

 

Furthermore, organizations should set in place routine procedures to ensure patients sign required HIPAA-related notices and forms, during both new patient onboarding, and on an annual basis going forward. It is also essential to regularly verify that vendors and other providers that interact with a patient’s PHI are not only HIPAA-compliant but have executed Business Associate Agreements to offset any liability in the case of a breach. Lastly, retaining HIPAA documentation in both hard copy and digital means practices have information readily accessible to confirm compliance.

Ensure Compliance: Join ChartLogic’s Webinar “Are You HIPAA-Compliant?”

In today’s modern electronic healthcare world, HIPAA compliance is mandatory, crossing all sectors of the healthcare industry. To avoid costly penalties, data violations, and breaches in doctor-patient trust, small practices, and large organizations alike must keep current with the HIPAA landscape and ensure that weaknesses in their systems are turned to strengths.

Join a free webinar hosted by Abyde & ChartLogic to learn more about Security Risk Analysis and other related HIPAA requirements. In this complimentary educational HIPAA compliance webinar, other topics covered will include:

  •  HIPAA Privacy & Security Rules simplified
  •  MACRA/MIPS & Meaningful Use HIPAA Compliance requirements explained
  •  Statistics from the most recent HIPAA audits
  •  Passing an audit
  •  Software solutions for HIPAA compliance

 

 

Technical Dr. Inc.'s insight:
Contact Details :

inquiry@technicaldr.com or 877-910-0004
www.technicaldr.com

more...
No comment yet.
Scoop.it!

HIPAA Breach Notification Rule

HIPAA Breach Notification Rule | HIPAA Compliance for Medical Practices | Scoop.it

HIPAA Breach Notification Rules under the HITECH and GINA Act were issued on January 25, 2013, resulting in modifications to HIPAA Privacy, Security, and Enforcement. This is commonly known as the Omnibus Rule. The Omnibus Rule mandates covered entities (CEs) and business associates (BAs) provide the required HIPAA breach notifications following an impermissible use or disclosure of protected health information (PHI).

What is a HIPAA Breach?

A HIPAA breach notification may be required because of an impermissible use or disclosure under the Privacy Rule that compromises the security or privacy of the protected health information (PHI) of an individual.  An impermissible use or disclosure is presumed to be a breach unless the CE or BA demonstrates that there is a low probability that the protected health information has been compromised.

A risk assessment must include consideration of at least the following factors:

  • The extent and nature of the PHI involved (i.e. types of identifiers and likelihood of re-identification);
  • The unauthorized person who used the protected health information or to whom the disclosure was made;
  • If the PHI was viewed and/or acquired;
  • To what extent the risk to the PHI has been mitigated.

How Does a HIPAA Breach Notification Work?

(1) HIPAA Breach Notification Rule: Following a breach of unsecured PHI, CEs must notify affected individual(s) and the Secretary of Health and Human Services (HHS).”  In instances where the breach affects more than 500 residents of a State or jurisdiction, notice must be provided to prominent local media.  In addition, BAs must notify CEs that a breach has occurred.

Individual HIPAA breach notifications must occur without delay, but not later than 60 days from the date of the breach discovery.  A breach is considered to be “discovered” when at least one employee of the entity knows of the breach.  This does not include the person responsible for the breach.

(2) Covered Entities HIPAA Breach Notification: Covered entities are required to notify affected individuals following the discovery of a breach of unsecured PHI. The CE must provide the individual notice in written form by first-class mail.  Notices by email are permissible if the affected individual has agreed to receive notices electronically.

What about Business Associates?

(1) Business Associates HIPAA Breach Notification:  If a breach of unsecured PHI occurs by a business associate, the BA must notify the CE following the discovery of the breach.  A business associate must provide notice to the covered entity no later than 60 days from the day of discovery of the breach.  BAs are required to provide the identification of each individual affected by the breach.  The covered entity is responsible for ensuring the individuals are notified of a breach by a business associate even if the covered entity is charged with the responsibility of providing individual notices to the business associate.

(2) Out-of-date Information: If the CE or BA has insufficient or out-of-date information for more than 10individuals, the CE must provide a substitute individual notice by one of two methods.  It may post the notice on the home page of its website for at least 90 days.  Or it may provide the notice in major print or broadcast media where the affected individuals reside. This notice must include a toll-free number that remains active for at least 90 days.  If the CE or BA has insufficient or out-of-date information for less than 10 individuals, the covered entity may provide a substitute notice by an alternative form of written, telephone, or other means of notification.

HHS Wall of Shame

As required by section 13402(e)(4) of the HITECH Act, the Secretary posts a list of HIPAA breaches of unsecured protected health information affecting 500 or more individuals. These HIPAA breaches can range from a laptop theft to a hacking/IT incident.In 2015 there were over 113 million breaches of individual records reported, and the number of incidents related to “hacking” and “IT incidents” have doubled since 2014.   And this only includes breaches involving 500 or more individuals!

Most recently, St. Joseph Health (SJH) has agreed to settle potential violations of HIPAA Privacy and Security Rules following the report that files containing ePHI were publicly accessible through internet search engines from 2011 until 2012.  The public had unrestricted access to PDF files containing the ePHI of 31,800 individuals, including patient names, health statuses, diagnoses, and demographic information.  SJH will pay a settlement amount of $2,140,500 and adopt a comprehensive corrective action plan.  This plan requires the organization to conduct an enterprise-wide risk analysis, develop and implement a risk management plan, revise its policies and procedures, and train its staff accordingly.

The HIPAA Security Rule’s specific requirements to address environmental and operational changes are critical for the protection of patient information. Entities must not only conduct a comprehensive HIPAA risk analysis, but must also evaluate and address potential security risks when implementing enterprise changes impacting ePHI.

Technical Dr. Inc.'s insight:
Contact Details :

inquiry@technicaldr.com or 877-910-0004
www.technicaldr.com

more...
No comment yet.
Scoop.it!

Do Dentists need to comply with HIPAA?

Do Dentists need to comply with HIPAA? | HIPAA Compliance for Medical Practices | Scoop.it

In April 2018, a dental office in New Jersey, Michael Gruber, DMD, PA reported that their computers were hacked and 4624 patient records were stolen.  Now, this incident appears on the “Wall of Shame” at the Department of Health and Human Services website. Yes, it can happen to anybody.

 

Many dentists seem to think that either they do not need to comply with HIPAA (Health Insurance Portability and Accountability Act) or that they are already compliant as they have taken HIPAA training provided by their EHR or by a consultant. While HIPAA training is indeed one of the annual requirements to be compliant with HIPAA law, it certainly is not the only requirement.

 

In the event of a breach like the one reported by Michael Gruber, DMD, PA, as it involved the loss or theft of more than 500 patient records, it became a reportable breach. Dentists, like any other covered entity, are required to comply with HIPAA breach notification rules that involve notifying OCR (Office of Civil Rights), the patients and in some cases, media.  This can become an expensive proposition as legal fees, penalties, media costs, postage costs, forensic investigation costs, and other related expenses are incurred during this breach notification and investigation phase.

 

Once a covered entity becomes a victim of a breach, OCR puts the case under investigation and more likely than not, conducts an audit of the practice.   One of the first documents requested in this case is a copy of the office’s HIPAA risk assessment or analysis which should be done annually.   

 

They would typically also ask to see your HIPAA policies and procedures.  Depending on the outcome of the investigation, OCR, as the enforcement arm of the Department of Health and Human Services, might also decide to impose monetary fines for HIPAA violations.  In severe cases of criminal negligence or impropriety, federal agencies such as the FBI or Department of Homeland Security or the Department of Justice get involved and there have been examples where a healthcare provider or an employee has been jailed.

Basic requirements for HIPAA compliance for a dental office:

  • Risk Assessment or Analysis:

    Conduct a risk analysis or risk assessment every year.

  • HIPAA Training:

    Train all your employees (including dentists, hygienists, assistants and all administrative/ office staff) every year on HIPAA privacy, security and breach notification rules.

  • Policies and Procedures:

    Create and maintain HIPAA policies and procedures and ensure that employees are familiar with them and follow them regularly.

Technical Dr. Inc.'s insight:
Contact Details :

inquiry@technicaldr.com or 877-910-0004
www.technicaldr.com

more...
Scoop.it!

HIPAA Compliance Guidelines for Email & Social Media 

HIPAA Compliance Guidelines for Email & Social Media  | HIPAA Compliance for Medical Practices | Scoop.it

HIPAA applies to both the storage and transfer of electronic protected health information, so electronic communications that may include patient data must be handled with care. This includes email communication between patients and healthcare providers, as well as social posts from healthcare companies and their employees. As more patients adopt an email communication preference and more healthcare providers succumb to the pressures of maintaining a social presence, the possibilities of HIPAA violations grow.

 

To ensure you’re taking the necessary steps to uphold HIPAA compliance standards in your electronic communications, follow these guidelines:

#1: Validate Your Email Security

If you’re sharing sensitive patient data via email, you must use encryption to protect patient privacy. How do you ensure your emails are encrypted and fully HIPAA compliant? Here are a few tips:

  • Adopt a HIPAA compliant email service.
  • Check your current email client for an encryption security setting and request a signed business associate agreement.
  • Set up a secure patient portal for provider-patient communications.
  • Avoid including electronic protected health information (ePHI) in the body of your emails.
  • Manually encrypt any ePHI files sent via email.
  • Include a privacy statement at the bottom of every email.

#2: Get Proper Patient Consent

Consent is an important—and necessary—part of ensuring patient privacy. If you want to engage patients in any sort of electronic communication, you must get them to accept the inherent risks and provide documented consent. Here are some scenarios where this consent is a must:

  • Before communicating with your patient via email
  • Before transmitting any sensitive patient data via email
  • Before publishing a patient testimonial on your website
  • Before sharing a patient photograph on your social channels
  • Before posting details of a patient procedure on your social channels

#3: Create Detailed Office Policies

To ensure HIPAA data privacy remains a top priority for employees during email or social media exchanges, you should develop clear office policies for these types of communication. Here are some of the guidelines your policies should include:

  • When and where to share privacy statements
  • What types of information may or may not be sent via email
  • How to avoid HIPAA pitfalls when using social media
  • Which employees may or may not transmit ePHI
  • When to obtain patient consent

#4: Err on the Side of Caution

If you want to stay on the right side of HIPAA, the best policy is to be extremely cautious about the information you share electronically. Simply avoid any electronic communication that falls into a HIPAA compliance gray area. Here are a few best practices to get you started:

  • Don’t publish a social post that includes any details about a patient’s circumstances
  • Establish appropriate electronic boundaries with patients
  • Don’t give medical advice via email or social comment
  • Allow just one or two individuals to post to social media on your office’s behalf
  • Don’t address complaints on social media
Technical Dr. Inc.'s insight:
Contact Details :

inquiry@technicaldr.com or 877-910-0004
www.technicaldr.com

more...
No comment yet.
Scoop.it!

HIPAA Violation and Hospital Employee viewing PHI 

HIPAA Violation and Hospital Employee viewing PHI  | HIPAA Compliance for Medical Practices | Scoop.it

HIPAA Violation rocks hospital!  An employee at St. Charles Health system accessed over 2400 patients’ medical records over a two-year period because they were curious. We all know that curiosity killed the cat and now it may have direr consequences for this curiosity seeker and the hospital system. 

HIPAA Violation without intent to commit fraud

The employee who viewed the protected health information (PHI) without a legitimate reason to do so is in jeopardy of large civil fines, loss of their respective clinical license and criminal prosecution. Not to mention termination from their present position. The hospital system has to repair its damaged reputation while at the same time prepare to defend itself against potential civil/criminal lawsuits.  There are too many incidences were an organization is liable for HIPAA violations, even though they “didn’t do it”.

 

Now the local District Attorney has taken interest in this matter and is launching a criminal investigation. Under the HIPAA statute there is no individual right of action, however, the Attorney General of the state where the infraction took place may file charges on the individual(s) behalf.

 

The aforementioned employee signed an affidavit stating that the HIPAA violation they committed, and any of the information they accessed was not to commit fraud, however, that did not halt the criminal investigation.

Hospital employee viewing PHI

This real-life incident demonstrates how healthcare providers and their employees can face serious trouble for viewing records inappropriately. Just remember this incident when you want to be inquisitive about a patient that you are not treating or accessing a patient’s medical records for no business purpose.

 

When performing your job function, it is not a HIPAA violation if you release and/or access a patient’s PHI for treatment, payment or health operations (TPO). When accessing and/or releasing a patient’s PHI, ask yourself does this fall under the TPO exceptions? If it does, then you should just release the minimum information necessary to complete the task and if it does not, then you may need an authorization signed by the patient or his/her representative. In the event you are unsure if you can release and/or access a patient’s PHI, contact your supervisor or your organization’s Privacy Officer.

 

Finally, this violation reaffirms the need to conduct a HIPAA Risk Analyses, including monitoring the privacy/breach rule.  Use your policies and procedures for efficient and effective training, auditing and monitoring.

Technical Dr. Inc.'s insight:
Contact Details :

inquiry@technicaldr.com or 877-910-0004
www.technicaldr.com

more...
K.I.R.M. God is Business " From Day One"'s curator insight, July 2, 2018 4:09 AM

There is a way to address certain issues using protocol. and proper procedures. Take yourcissue to the right people in the right way.