Best Defense Against Ransomware is a Good Backup

By now, most have heard or been affected by the WannaCry ransomware that has spread to over 150 countries at last count. The WannaCry ransomware started taking over users' files on Friday, demanding $300 to restore access. Hundreds of thousands of computers have been affected so far. Computer giant Microsoft said the attack should serve as a wake-up call. The first line of defense in this is always having a properly maintained firewall both on your network and on each individual computer system. Ho ...

Rentsys, Third Rock to Offer Guidance for HIPAA Compliance in DRJ Webinar

FOR IMMEDIATE RELEASE Rentsys, Third Rock to Offer Guidance for HIPAA Compliance in DRJ Webinar College Station, TX – February 07, 2017 – With cybersecurity concerns increasing the urgency for healthcare organizations to comply with the Health Insurance Portability and Accountability Act (HIPAA) security requirements, Brandon Tanner, senior manager for Rentsys Recovery Services, and Robert Felps, CEO/CISO for compliance and risk management firm Third Rock, will be offering guidance for HIPAA compli ...

Healthcare under attack by new strain of ransomware

FireEye Labs has identified massive email campaigns by cyber-criminals during Aug, 2016 containing the Locky ransomware embedded in DOCM attachments.  DOCM is Open XML Macro-Enabled Document file used in Microsoft Word.  Which means the file contains a macro which MS Word will execute when you open the file in MS Word.  Healthcare is the leading industry targeted by the campaign. The healthcare industry is now the "industry of choice" by cyber-criminals since Protected Health Information (PHI/ePHI) i ...

HHS Releases New Guidance on Ransomware

One of the top newsmakers of 2016 has been ransomware.  During the first half of this year, ransomware grew 300% to 4,000 daily attacks! But several high profile attacks of hospitals really put it in the spotlight.  Although it has been around for several decades, in the past 4 years, Russian groups have further developed its capabilities and propagated its use worldwide. The dark web or darknet also significantly contributed to the increase in ransomware attacks due to its black market for such products. ...

Focus on Security: Backups – The Ultimate Cyber-Security Weapon

Backups, we all believe and trust they are being performed regularly and will work if we ever need to restore our business after a natural disaster, malicious attack or cyber-attack, such as ransom-ware.  The reality is backups are not historically reliable and they become out of sight, out of mind!  You need to ensure they are being performed regularly and restoring from the backup media works. ePHI data is highly desirable by criminals because it is worth far more than credit card information on th ...

After the Risk Assessment, Then What? How Often Do I Need to Check?

As we noted previously, there are numerous requirements for HIPAA compliance.  A follow-up question often heard is “How often do I have to do these things?” Risk assessments officially need to be performed on an annual basis but regularly reviewing your risk remediation plan throughout the year is a business “best practice” for any organization. Policies and Procedures need to be reviewed and changed depending upon federal law changes and changes in your organization.  New processes, new tec ...

After the Risk Assessment, Then What? Planning for Emergency Events

As we noted previously, there are numerous requirements for HIPAA compliance.  Being prepared for future emergency events is often identified in the Risk Assessment as a HIPAA compliance requirement that needs to be addressed. Preparing for future events is often overlooked by many healthcare entities.  Just dealing with the issues of the day can take up the majority of your time.  However, being prepared for future events, besides being a HIPAA requirement, also makes good business sense. What HIP ...

Third Rock Introduces Comprehensive HIPAA / HITECH Compliance Solution

Round Rock, Tx, Dec. 03, 2014 – Third Rock, a business technology consulting firm  focused on improving operational performance through effective and efficient compliance, has taken decades of security and enterprise experience and created a stream-lined, affordable HIPAA /  HITECH compliance solution that small and medium businesses can afford. Third Rock’s Worry-Free ComplianceTM provides all of the required elements to meet current HIPAA / HITECH requirements.  Included is continuous network se ...

Road Blocks to Creating Your Contingency Plan

Why Everyone Needs Help Creating a BC/DR (Contingency) Plan Creating a contingency plan is a huge undertaking.  It’s a major project for any company, small or large.  It’s a major project for any company, small or large; an integration effort which requires a large amount of time from experts across the company and often outside the company, including executives, managers, staff, vendors and consultants. While creating a contingency plan for a large health care provider I realized part of the pro ...

Outgrowing the “As Needed” Technology

All organizations have been there, that start-up company that is more worried about making a profit than what its technology plan is for the next year, let alone three plus years. When you are a small company with a few employees or maybe even just yourself, it is easy to get in to the routine of simply grabbing a solution to fit the need you have at that moment. Honestly, there is no reason to even try to change someone’s mind that is going about their technology purchases in an “as needed” basis. ...

1 2