The Big Boys’ 2016 Cyber Security Reports

The "big boys" in cyber security have released their annual Cyber-Security reports, ugh or UGH.  Cyber security is so important now that some companies have jumped into the mix of providing a report.  AT&T released their first cyber-security report this year. Forbes has a great article by Steve Morgan, outlining all of the reports and providing links to download all of them.  I'll try to sum them all up in a short list here.  But, check Mr. Morgan's article out for more in-depth summaries and links ...

Your iPhone Is a Target for Criminals

Check Point Software released their April 2016 Threat Index revealing what we all know; cyber-threats are rising at alarming rates.  The report shows Apple's iOS devices are under heavier attack than reported in previous reports. Over 2,000 unique malware families were identified by Check Point during April, which they state is a 50 percent increase over March, and you thought rabbits multiplied rapidly!  The iOS issue comes from the fact they found XcodGhost had moved into the top three most common mobi ...

Primary Cyber Security Threats

We're often asked "How likely is it that we will be audited by the government (OCR) for HIPAA compliance?"  Our response is "It's highly unlikely to be selected to be audited by the OCR".  We immediately follow up with, "However, it's highly likely you will have a breach of PHI or ePHI, which will then trigger an audit by the OCR, and 15,000 audits were started because of someone reporting a practice to the OCR, either a patient, employee, or business associate."  Therefore, take steps to Protect you ...

What’s your security score?

  There are a number of ways to become the subject of an OCR HIPAA audit.  The most unlikely way is to be selected for a random audit and if that happens, go buy a lottery ticket! Complaints filed by dissatisfied customers and/or disgruntled employees resulted in about 15,000 investigations last year.  Suffer a breach and OCR will be knocking on your door.  As the number and severity of breaches continue to increase, third party companies are becoming much more efficient at identifying com ...

Anti-virus products, security devices affected by 7-Zip vulnerability

Two vulnerabilities have been uncovered by researchers in a open-source Windows utility called 7-Zip. This program provides compression and archiving tools for files. While many of our readers may not know what, or who, 7-Zip is, it is likely that other products that you do use or know about rely on 7-Zip in their programs. Some of the vendors that have 7-Zip integrated include FireEye, Malwarebytes, and Comodo. This means whether you use 7-Zip directly or not, you may be vulnerable. Cisco Talos re ...

Protecting Patient Health Information

The Meaningful Use advisers at the North Texas Regional Extension Center have a lot of experience working with physicians and Patrick Casey makes some good points about the need to protect patient health information. Protected Health Information (PHI) is a hot commodity on the black market and well worth your time to learn how to protect.  It’s a quick read that healthcare providers (doctors, office managers and all staff) need to read and understand. Protecting Patient Health Information by Patri ...

Focus on Security: Backups – The Ultimate Cyber-Security Weapon

Backups, we all believe and trust they are being performed regularly and will work if we ever need to restore our business after a natural disaster, malicious attack or cyber-attack, such as ransom-ware.  The reality is backups are not historically reliable and they become out of sight, out of mind!  You need to ensure they are being performed regularly and restoring from the backup media works. ePHI data is highly desirable by criminals because it is worth far more than credit card information on th ...

Focus on Technology: ePHI Encryption

Five years ago encryption was not common, nor cheap.  Today, it's everywhere and inexpensive to implement. Yet, healthcare still considers it a nuisance, ignores it or assumes their EHR or patient management software provides complete encryption. Consider the fact that ePHI is worth $500 per record and a credit card number is worth $0.50 (50 cents), it's time for healthcare providers and their business associates to batten down the hatches on their ePHI.  Cyber criminals want it and will find it.  Me ...

Data Hemorrhage – Find and Stop the Bleeding

We bleed data constantly. Data hemorrhage! Why? Because it is self-propagating. The more important the data, the faster it seems to reproduce. Important data has to be backed up. It will end up in the cloud, actually multiple clouds. I’ll print a copy and store it in my file cabinet, just in case. Probably be good to burn it on a CDROM as well for my long term records. High quality data is used for analysis via a spreadsheet, to project future business trends, revenue, and sales projections. You can make ...

Reduce the Burden of HIPAA While Increasing Your Protection

If you missed our recent webinar on Reduce the Burden of HIPAA While Increasing Your Protection you can watch it on-line now. Ed Jones, Third Rock's Chief Compliance Officer, keeps this presentation updated to help your stay current on HIPAA and cyber-security.  We offer the course to professional associations and local healthcare societies, board of directors and executives and as a Continuing Education (CE) course.  Contact us if you're interested in a private webinar with Q&A. Please join Ed ...

1 2 3 4 5 6