Focus on Technology: Change Your Router Passwords!

One of the most common services in healthcare is the connection to the internet. With all the focus on security and cyber breaches, one of the most vulnerable pieces on your connection to the internet is what is called the router / gateway. The router / gateway connects your computers and devices to the public internet and in many cases provides the initial security or barrier through the use of a built-in firewall. The problem is, that while this is the door, the gateway to the internet, it is a two way ...

Why using Gmail, Yahoo Mail, or Hotmail in healthcare is bad

Time and time again we see healthcare organizations using free email accounts. While convenient, it is an extremely dangerous decision in a world where HIPAA fines are increasing in cost and occurrence. If you or your employees have access to or use the free email services from you organization’s network, either officially for business and/or for personal use, you are at an extreme risk of being breached! Why? Think about what can be sent via email. Whether you are using email to send patients r ...

Protect your patients, protect your practice, protect yourself.

The healthcare industry is beginning to realize that HIPAA is here to stay and they are probably going to be audited sooner or later.  What physicians and all healthcare providers need to understand is that if you don't protect your patients' PHI/ePHI the following can happen to your patients as a result of their identity being stolen and used. NOT Protecting Your Patients' (PHI/ePHI): You can cause them financial difficulties or even financial ruin. You can cause them undue stress, even a str ...

HIPAA Violation leads to jail time

An east Texas man, Joshua Hippler, was sentenced to 18 months in jail for violating HIPAA regulations. Basically, he was trying to sell PHI for personal gain.  He worked in a hospital and obtained PHI that he planned to sell.  The story here is not about Mr. Hippler, it's about you being held accountable for the protection of PHI.  It's important to understand that you can now serve jail time for NOT being HIPAA compliant. Yes, it's true, Hippler had criminal intent, but if you take HIPAA lightly and ...

Healthcare under attack by new strain of ransomware

FireEye Labs has identified massive email campaigns by cyber-criminals during Aug, 2016 containing the Locky ransomware embedded in DOCM attachments.  DOCM is Open XML Macro-Enabled Document file used in Microsoft Word.  Which means the file contains a macro which MS Word will execute when you open the file in MS Word.  Healthcare is the leading industry targeted by the campaign. The healthcare industry is now the "industry of choice" by cyber-criminals since Protected Health Information (PHI/ePHI) i ...

Healthcare entity leaves its patients exposed after breach

  Athens Orthopedic Clinic (AOC) in Georgia, suffered a cyber-attack in June of 2016 that impacted roughly 200,000 patients.  If that's not bad enough, AOC is not able to pay for extended credit monitoring for its victims.  The healthcare industry, including small, single doctor practices, needs to sit up and take notice. Cyber criminals are at your back door, front door and trying to crawl through your networks.  You need to take action to Defend, Detect, and Defeat cyber breaches from steal ...

Achieving Your HIPAA Gold Medal

With the 2016 Summer Olympics in full swing I thought it apropos to use the analogy of achieving a gold medal to obtaining HIPAA compliance.  I know, not really fair or nice to the Olympics and Olympians, but it makes a decent blog post and a good analogy.   So, bear with me and work on achieving your HIPAA gold medal. Vision You need a clear vision.  You will obtain your goal of being HIPAA compliant.  You need to clearly understand what that requires.  Take our Free Risk Assessment to better un ...

Third Rock Announces CompassDB™ – A Comprehensive Compliance Management Platform

Austin, TX, - Aug. 3, 2016 – Third Rock, provider of HIPAA Worry-Free Compliance™, announced CompassDB™ their compliance management platform.  CompassDB™ is designed to significantly reduce the cost and burden of HIPAA compliance for all parties involved.  Consulting firms who provide compliance services, and the clients, Covered Entities and Business Associates on which HIPAA regulations are focused, all will benefit. CompassDB™ is a cloud solution that provides safe, secure, web based s ...

HIPAA Crossword Puzzle

HIPAA Crossword Puzzle Third Rock We thought it might be good to have you learn more about HIPAA through a challenging crossword puzzle. We hope you enjoy completing the puzzle and learn a little about HIPAA in the process.  You can click the image below to download the PDF version and print it off. Answers Across: 2. PHI 3. backups 5. ice cream 6. HIPAA 8. risk assessment 10. covered entities 12. disaster recovery 15. PII 17. cyber breach 20. cyber security 21. audit 22. lemonade ...

Primary Cyber Security Threats

We're often asked "How likely is it that we will be audited by the government (OCR) for HIPAA compliance?"  Our response is "It's highly unlikely to be selected to be audited by the OCR".  We immediately follow up with, "However, it's highly likely you will have a breach of PHI or ePHI, which will then trigger an audit by the OCR, and 15,000 audits were started because of someone reporting a practice to the OCR, either a patient, employee, or business associate."  Therefore, take steps to Protect you ...

1 2 3 4 5