Healthcare entity leaves its patients exposed after breach

  Athens Orthopedic Clinic (AOC) in Georgia, suffered a cyber-attack in June of 2016 that impacted roughly 200,000 patients.  If that's not bad enough, AOC is not able to pay for extended credit monitoring for its victims.  The healthcare industry, including small, single doctor practices, needs to sit up and take notice. Cyber criminals are at your back door, front door and trying to crawl through your networks.  You need to take action to Defend, Detect, and Defeat cyber breaches from steal ...

Focus on Security: Top Ten Tips for Cyber-Security for Small Businesses

I know it's getting old and boring, but cyber-criminals are focused on PHI, which means we, in healthcare, need to take action to protect it. The SBA has a helpful list of cyber-security tips posted on their web site.  It's a great starting point to harden your defenses and defend against the highly likely cyber-breach.  Here's a summary of what's covered. Protect against viruses, spyware, and other malicious code Secure your networks Establish security practices and policies to protect ...

Focus on Technology: Windows 10 Wi-Fi Sense

Windows 10 has a feature called Wi-Fi Sense, which will automatically share your Wi-Fi connection with other electronic equipment.  Sounds great, doesn't it?  No more writing down or repeating SIDs and passwords to let people access your secure, private wireless network.  Well, I consider this a bad idea for business.  This is a simple cyber-security issue to consider.  I would encourage you to consider turning the feature off to be more secure vs more convenient.  Letting people access your wireless ...

Achieving Your HIPAA Gold Medal

With the 2016 Summer Olympics in full swing I thought it apropos to use the analogy of achieving a gold medal to obtaining HIPAA compliance.  I know, not really fair or nice to the Olympics and Olympians, but it makes a decent blog post and a good analogy.   So, bear with me and work on achieving your HIPAA gold medal. Vision You need a clear vision.  You will obtain your goal of being HIPAA compliant.  You need to clearly understand what that requires.  Take our Free Risk Assessment to better un ...

Is HIPAA Worth It?

HIPAA is yet another government mandate for American healthcare businesses to address.  We all know it's time consuming, requires a lot of effort to learn, stay current on and to implement.  Plus, it's costly.  But, is it worth it?  Does it truly help the covered entity or business associate in the long run.  You might be surprised by the answer. The simple answer is ABSOLUTELY. First, let's look at HIPAA goals. Basic Goals of HIPAA Portability: To allow patients to transfer their records ...

Advocate Health Care Fined $5.5 Million for HIPAA Violations

Advocate Health Care Network, of Illinois, reported three breaches in 2013.  Four desktop computers containing approximately four million patients' ePHI.    The OCR stated "This significant settlement, the largest to-date against a single entity, is a result of the extent and duration of the alleged noncompliance (dating back to the inception of the Security Rule in some instances), the involvement of the State Attorney General in a corresponding investigation, and the large number of individuals wh ...

Third Rock Announces CompassDB™ – A Comprehensive Compliance Management Platform

Austin, TX, - Aug. 3, 2016 – Third Rock, provider of HIPAA Worry-Free Compliance™, announced CompassDB™ their compliance management platform.  CompassDB™ is designed to significantly reduce the cost and burden of HIPAA compliance for all parties involved.  Consulting firms who provide compliance services, and the clients, Covered Entities and Business Associates on which HIPAA regulations are focused, all will benefit. CompassDB™ is a cloud solution that provides safe, secure, web based s ...

Focus on Security: Phishing for Malware

85 percent of organizations have suffered phishing attacks! That is straight from the Wombat 2016 State of the Phish report.  Is that depressing or what!  The sad thing is, phishing can be thwarted most of the time.  But, it requires diligent training of your ENTIRE staff.  Including the board members, owners, executives and doctors.  Everyone needs to be trained to identify phishing attacks and resist opening the link and/or attachment. A few stats from the report. 85% of organizations ...

Focus on Security: Printer Security

We all know we need to improve our computer and network security.  But we often forget that printers are now smart and connected.  Basically, they're another computer on the network. Therefore, we all need to take notice and insure we improve security on our printers.  The exact steps will vary depending on the brand, size, complexity, connection type and features of each printer.  But, below are several steps you can take to get started. Network - secure it Make sure you have a strong password on ...

HHS Releases New Guidance on Ransomware

One of the top newsmakers of 2016 has been ransomware.  During the first half of this year, ransomware grew 300% to 4,000 daily attacks! But several high profile attacks of hospitals really put it in the spotlight.  Although it has been around for several decades, in the past 4 years, Russian groups have further developed its capabilities and propagated its use worldwide. The dark web or darknet also significantly contributed to the increase in ransomware attacks due to its black market for such products. ...

1 2 3 4 5 6 7 8 9 10 11 15