Best Defense Against Ransomware is a Good Backup

By now, most have heard or been affected by the WannaCry ransomware that has spread to over 150 countries at last count. The WannaCry ransomware started taking over users' files on Friday, demanding $300 to restore access. Hundreds of thousands of computers have been affected so far. Computer giant Microsoft said the attack should serve as a wake-up call. The first line of defense in this is always having a properly maintained firewall both on your network and on each individual computer system. Ho ...

HHS OCR: PHI Security is your top priority

If you haven't noticed, cybersecurity is a major issue in the world, politically, economically, and even personally.  No one wants their identity stolen.  No business wants to deal with customer (patient) retaliation caused from losing their personal health information, whether it's boycotting, bad press, negative social media or a class action lawsuit. In general the U.S. government is taking action to help protect small businesses by requesting a new standard cybersecurity guide be written by the Nat ...

Security Alert: Google Email Attack

Google is investigating a large-scale phishing attack involving malware that is currently spreading among users of its Gmail service. You will see a message similar to the one below! The message sent to Gmail users includes an invitation to view a shared Google Docs document. However the link leads to a self-propagating internet worm. DO NOT CLICK IT! Users are asked to log into their Google accounts by the malware, which doesn't ask for a password and appears to bypass two-factor authenticatio ...

Lack of Awareness – Still a Barrier to Cybersecurity Effectiveness

A recent study conducted by HIMSS Analytics and reported in the HIPAA Journal indicated that more than 78% of the IT executives, managers, and staff surveyed identified employees’ lack of security awareness as a primary concern – despite 85% of the same survey respondents claiming to have an educational program in place designed to create awareness! Clearly a one-time – or even annual – training program isn’t enough. So how can healthcare executives improve information security awareness withou ...

Cybersecurity: Have you hardened your systems?

We perform HIPAA Risk Assessments (Security Risk Analysis) for very small practices to large healthcare organizations, plus business associates that include software, big data, and marketing companies.  We know the focus of the assessment needs to be security; therefore, we run an industry standard (NIST based) scan checking computers for HIPAA compliance.  (NIST stands for National Institute of Standards and Technology) Our findings show that the average covered entity is about 15% compliant and the ...

The greatest threat comes from within

Sometimes it is easy to forget that the greatest threat is from within. In today’s focus on cyber-security world, we tend to focus on keeping people out of our network as a primary method to keep our sensitive data, such as ePHI, safe. While that is incredibly important, we should make sure not to overlook the threat posed by those we do grant access. How much of a threat is it? Well, roughly half of all attacks originate from inside the company - and not all are with malicious intent. Part of the prob ...

5 Tips for Creating an Information Security Culture

Engaging clinical staff in information security can be an uphill challenge. For people doing the tangible, social, and physical work of healthcare, a Security Officer’s cautions regarding the invisible threat of cyber-theft can seem like science fiction paranoia. Further, among the healthcare practitioners who do recognize information security as a relevant concern, a substantial number still see it as an “IT issue.”  And finally, as if those barriers weren’t enough, the mere mention of “HIPA ...

One small step for man, one giant leap for privacy!

“To err is human”… a pretty obvious statement. So if we all know we are going to make mistakes, why not add an extra level of security to mitigate the effects of the mistake? I am sure we have all been in the predicament of sending John C. an email, but when we clicked on our contacts list we accidentally sent it to John B. I have conversations constantly with clients and friends about encrypting their email to protect themselves and often get the same set of questions… “Isn’t that e ...

Focus on Security: Special Cyber Security Briefing Event

PLEASE JOIN US ON FRIDAY, MARCH 24TH, 7:30 am -8:30 am Kerby Lane Round Rock, 2120 N Mays St, Round Rock, Tx for a BUSINESS OWNER AND LEADERSHIP BRIEFING on CYBER SECURITY ISSUES THAT ARE IMPACTING SMALL AND MID-SIZED BUSINESSES IN CENTRAL TEXAS Here’s why we think it’s important you attend: We’re seeing story after story of large corporations falling victim to cyber-attacks, but not enough attention is being placed on how small and mid-sized businesses are impacted at even greater freque ...

HIMSS17 – Are medical devices the weak link in cyber security?

According to a post on HIPAA Journal, 60% of healthcare organizations have already introduced networked medical devices into their technical infrastructure. Networked medical devices are the healthcare version of the “internet of things” (IoT) – smart devices that communicate with applications, such as the EHR, and with one another without human intervention. The problem – many medical devices aren’t cyber-secure!  89% of the organizations reporting the use of networked medical devices also repor ...

1 2 3 4 5 6