GDPR – the “Undo” Button for Personal Data?

The European Union’s General Data Protection Regulation (GDPR) goes into effect May 25th, about two weeks from now.  In the news it is often being called "overreaching" and "impractical," but its objective is to place control of personal data back in the hands of the EU citizens.  Maybe I’m “old school” (aka dinosaur), but I believe in privacy and the ability to protect my data.  Why? Look at these recent events. Let’s start with the Facebook breach of 85 million users.  Most people joine ...

Is Your Security Risk Assessment (SRA) Valid?

We're often told, "I've done a security risk assessment," or "We had one of those done by a company."  When we ask if they have 1) an SRA report, 2) a risk management plan with prioritized corrective actions, 3) a disaster recovery plan, 4) an emergency response plan, 5) a breach notification plan, 6) current training and in use, 7) current policies and procedures, we get blank stares.  We've also performed SRAs after some of the large, "known" compliance consulting firms have performed an SRA.  What ...

Are you Cyber Confident?

In our conversations with healthcare practice managers and CIOs - whether at small-to-medium practices, dental offices, outpatient facilities, or hospitals - we've found that few leaders feel confident in their organization's ability to protect against and respond to cyber threats. Managers of smaller organizations have told us "It's like a monster out there just waiting to get us, and there's nothing we can do about it."  Even CIOs at larger organizations who feel confident about having the right technolo ...

HIMSS 2018 – Take Aways

I attended the national HIMSS 2018 conference in Las Vegas a few weeks ago.  43,000+ roaming loose in Vegas, primarily in a few hotels and the Sands Expo Center.  It was mayhem.  I attended the Cyber Security Symposium all day Monday.  Six sessions focused on cyber security and best practices.  I then attended the keynote speech by Eric Schmidt, the CEO of Alphabet, the parent company of Google. Tuesday was primarily more sessions and a few minutes out in the expo "acres" wandering around trying to ...

Overcoming Organizational Roadblocks to Cyber Security 

In many organizations, cyber security is perceived as one of those “important-but-not-urgent” issues that keep getting put off in deference to the pressing issues of the day – insurance denials, staffing, readmissions, patient no-shows, supply shortages…the list goes on.  It’s not that organizational leaders are doing nothing. In most organizations, the basic pieces, such as a HIPAA-compliant EHR, firewall, anti-virus software, and staff training, are all in place. It is these very safeguards ...

Cybersecurity and The Endless List of Compliance

I recently wrote about insurance companies raising the bar on business to protect their valuable data to acquire cyber liability insurance.  But, it's not just insurance companies that are raising the bar. Governments around the globe are now requiring all types of companies to be compliant with some type of standard to better protect the data they possess.  What many people don't realize is these standards are all based on the protection of personal/private/confidential/sensitive/valuable informatio ...

Internet of Medical Things:  Real Security Threat or Hype?

For decades, healthcare medical devices functioned as freestanding tools. Glucometers, lasers, infusion pumps, pressure monitors, neonatal incubators, heart monitors – each serving its unique function independently of the others. With the widespread implementation of electronic health records (EHRs), however, and the push for increased digitization of health information, these devices have increasingly been networked into the patient information ecosystem.  They now transmit PHI between a myriad of syste ...

With the New Year, New Regulations!

With each New Year, we always look back and review the significant events of the previous year.  By all accounts, 2017 was a wild and woolly year!  World and national politics, the stock market, terrorism and acts of mass violence, devastating hurricanes, and forest fires! The digital world saw big changes as well with the repeal of net-neutrality and some major cyber breaches.   The Equifax breach effectively impacted half the population of the United States. Uber affected another 57 million people ...

Protect Your Clients, Your Clients’ Data, and Your Business – a webinar offered by Developmental Services Network

Robert Felps, CEO of Third Rock, is proud to present a cybersecurity webinar - Protect Your Clients, Your Clients' Data, and Your Business - for Developmental Services Network on Thursday, January 18, 2018, 10:30am-11:30am PST. Did you know your client data is worth 50 times more than a credit card number on the dark web? A HIPAA approved client management system does not make you HIPAA compliant, nor does it completely protect your client data. Learn steps to improve your cybersecurity and ach ...

Third Rock Streamlines SECURETexas Privacy and Security Certification

Round Rock, TX – December 19, 2017 – Third Rock, which was awarded preferred vendor status with Texas Health Services Authority (THSA) in August this year, has streamlined the SECURETexas certification process to help healthcare organizations reduce liability by better securing patients’ Protected Health Information (PHI). Third Rock has incorporated the question set for the SECURETexas certification program into CompassDB, Third Rock's compliance management system.  Third Rock has shown that by ut ...
