Closing the Cybersecurity Gap

As we hear more and more about breaches and ransomware in businesses and especially healthcare, it is becoming an even greater concern for healthcare business owners. It is no longer if you will be attacked, but when and how often. The first step in closing the cybersecurity gap is to realize that you can't do it on your own. Cybersecurity is not finding your basic "IT guy" that "can fix it". It is about obtaining the right resource whether that is a full time hire or a managed service. The next thin ...

Cybersecurity: Make It Your Top Priority for 2017

Cesar Cerrudo wrote a great article, Why Cybersecurity Should Be The Biggest Concern Of 2017, that everyone who owns any connected device should read.  As our Chief Compliance Officer, Ed Jones, keeps stating, it is the "Internet of Threats".  Steve Sarnecki wrote a good article, The Internet of Things or the Internet of  Threats?, discussing the value of the IoThings and the threats of IoThreats. Everyone needs to take a few minutes to read about the IoT and Cybersecurity, then invest the time to m ...

Healthcare under attack by new strain of ransomware

FireEye Labs has identified massive email campaigns by cyber-criminals during Aug, 2016 containing the Locky ransomware embedded in DOCM attachments.  DOCM is Open XML Macro-Enabled Document file used in Microsoft Word.  Which means the file contains a macro which MS Word will execute when you open the file in MS Word.  Healthcare is the leading industry targeted by the campaign. The healthcare industry is now the "industry of choice" by cyber-criminals since Protected Health Information (PHI/ePHI) i ...

Healthcare entity leaves its patients exposed after breach

  Athens Orthopedic Clinic (AOC) in Georgia, suffered a cyber-attack in June of 2016 that impacted roughly 200,000 patients.  If that's not bad enough, AOC is not able to pay for extended credit monitoring for its victims.  The healthcare industry, including small, single doctor practices, needs to sit up and take notice. Cyber criminals are at your back door, front door and trying to crawl through your networks.  You need to take action to Defend, Detect, and Defeat cyber breaches from steal ...

Focus on Security: Backups – The Ultimate Cyber-Security Weapon

Backups, we all believe and trust they are being performed regularly and will work if we ever need to restore our business after a natural disaster, malicious attack or cyber-attack, such as ransom-ware.  The reality is backups are not historically reliable and they become out of sight, out of mind!  You need to ensure they are being performed regularly and restoring from the backup media works. ePHI data is highly desirable by criminals because it is worth far more than credit card information on th ...

Focus on Technology: ePHI Encryption

Five years ago encryption was not common, nor cheap.  Today, it's everywhere and inexpensive to implement. Yet, healthcare still considers it a nuisance, ignores it or assumes their EHR or patient management software provides complete encryption. Consider the fact that ePHI is worth $500 per record and a credit card number is worth $0.50 (50 cents), it's time for healthcare providers and their business associates to batten down the hatches on their ePHI.  Cyber criminals want it and will find it.  Me ...

Reduce the Burden of HIPAA While Increasing Your Protection

If you missed our recent webinar on Reduce the Burden of HIPAA While Increasing Your Protection you can watch it on-line now. Ed Jones, Third Rock's Chief Compliance Officer, keeps this presentation updated to help your stay current on HIPAA and cyber-security.  We offer the course to professional associations and local healthcare societies, board of directors and executives and as a Continuing Education (CE) course.  Contact us if you're interested in a private webinar with Q&A. Please join Ed ...

Dental practice hacked – Healthcare practices under attack.

We've all read in the news about large healthcare providers and insurers being hacked and losing millions of patient records.  However, small practices need to realize why they too are targets for cyber attacks. Cyber criminals are breaching dentist, orthodontists, optometrists, ophthalmologists, nursing homes, assisted living facilities, home healthcare, hospices, CCRCs, chiropractics, therapists, and every other healthcare practice in addition to hospitals and insurance companies. If you're a healthc ...