HIPAA Compliance – After the Risk Assessment, Then What? Breach Detection

As we noted previously, there are numerous requirements for HIPAA compliance.  A top priority after the risk assessment is cyber security to prevent and detect cyber breaches. In this age of data breaches – from cyber breaches to equipment theft/loss, addressing the issue of continuous monitoring of your network and your networked devices might be the second item to address on your list of HIPAA compliance activities.  The Office of Civil Rights (DHHS) states that security is now 80% of the requireme ...

Even the big boys don’t always protect your network and data.

If you think someone else is protecting your computers, networks and data from cyber-threats you might want to think again.  You must take responsibility to implement a cyber-security plan.  Even consumers need to think defensively and take action.  The latest news says Dell has problems with their production process, which has allowed problems with computer configurations that allow for easier cyber-breaches. Dell security flaws reignite debate on pre-installed software Take Away: Start today to creat ...

Every business needs to have a cyber-security plan.

If you're in business and have any type of connection to the Internet you need to think about how to protect your business and your customers.  Here's a brief article by Kemp Little that addressNo Sensible business ignoring cyber threats says Kemp Little cyber-threats for all businesses. No Sensible business ignoring cyber threats says Kemp Little Take Away: Start today to create a cyber-security plan. ...

Focus on Technology: Anti-Virus Software Fails Us

As computer users we've become acclimated to using anti-virus software to keep our systems secure. However, in recent years that's no longer enough. Based on the security industries' numbers, anti-virus software only catches 45 to 55% of viruses and malware. Marc Goodman, recognized cybercrime expert noted in his recent book “Future Crimes” university studies indicate that antivirus software captures only 5% of emerging malware. Add to that the antivirus software industry reports that between 100,000 to ...

Coffee Makers and World Mayhem!

We’ve all heard or read about cyber breaches and viruses taking down clouds of computers or stealing millions of customer records.  But have you ever thought about a virus shutting off your coffee maker.  You might ask, “Why would a criminal want to turn off my coffee maker?”  Well, you’re not thinking like a criminal or an aggressive nation.  Instead of thinking about it on a personal basis, “Why did these scums crash my computer and cause me to lose all my data!”, think about the pandemoni ...

HIPAA Compliance – How to Get Started?

You may have asked yourself – how HIPAA compliant are we really?  What constitutes HIPAA compliance?  How often do I need to check? There are numerous requirements for HIPAA compliance – performing an annual risk assessment, up-to-date training, maintaining current policies and procedures, having a contingency plan, having your data encrypted at rest and in motion, continuous monitoring of all networks and networked devices, just to name a few. Those are a lot of things to contend with but where ...

Focus on Technology: Anti-virus Maintenance

We see many covered entities that do NOT maintain their anti-virus.  It is EXTREMELY important that your IT staff (MSP) keeps the anti-virus definitions set for auto-update and that the anti-virus software itself is updated as needed.  We suggest that you have a monthly review of each computer and make sure the anti-virus software and definitions are current and working correctly. It's wise to review your anti-virus solution each year too.  There are usually a few top tier solutions that keep their so ...

ePHI = Money = Thieves

Our compliance officer created this slide for a presentation recently and I thought, what a simple way to get the point across about Protected Health Information (PHI).  An individual's complete  ePHI records are worth up to $500 on the black market.  Cyber-criminals are not longer focused on credit cards as they can be readily cancelled.  They now want ePHI as evidenced by the fact that over 10 times more PHI records were stolen in the first three months of 2015 than were stolen in all of 2014! I bel ...

Third Rock – Our CEO was Security Panelist at Health Tech ATX

Robert Felps, Third Rock CEO, was one of three panelist for the Health Tech ATX conference in Austin, TX on October 7.  There were over 75 Healthcare executives and security experts in attendance.  One of the main focuses was on the extreme rise in Healthcare cyber-security breaches and how to address them.  HIPAA compliance was the number one response from the panelist.  You must do a Risk Assessment to know what issues you have and prioritize the remediation of those issues.  The changes brought abo ...

Humanizing ePHI, Forget the Numbers

Patients at the hospital consulting a doctor Let's take a minute and just say, screw the numbers! Yes, I said it. We all tend to get hung up on the numbers out there on cyber breaches, HIPAA fines, ePHI, etc. At some point you either get it or you don't.  For doctors and healthcare providers, the patient's welfare is their business. I am guessing that for most in this business, they really do care and it is not just about money. Now if you are all about the money, this blog post may not be for you. W ...

1 8 9 10 11 12 13 14 15 16 17 18