HIPAA Compliance – The Moving Finish Line

The overarching goal of HIPAA compliance is to protect the individual; both the patients’ health and their finances. Protection of the patients’ health is ensuring their medical records are not corrupted or lost, and readily available when needed. The financial protection is prevention of identity theft and other cyber-crimes. HIPAA began as a law to enable an individual to maintain health insurance when changing jobs but with the addition of federal and state regulations, and the HITECH act, it has ...

Security Alert: U.S. government warns on bug in Apple’s iOS software

The U.S. government warned iPhone and iPad users on Thursday to be on the alert for hackers who may exploit a vulnerability in Apple Inc's (AAPL.O) iOS operating system that would enable them to steal sensitive data. There was the potential for hacks using a newly identified technique known as the "Masque Attack," the government said in an online bulletin from the National Cybersecurity and Communications Integration Center and the U.S. Computer Emergency Readiness Teams. Read the full story on Reuter ...

Security Alert: Microsoft issues emergency patches for all Windows

Microsoft has issued emergency patches for a flaw that affects all supported versions of Windows. It’s a nasty one – a vulnerability in Windows’ implementation of the protocols for encrypting internet communications. The critical flaw lies in Secure Channel (Schannel), a security package – used by Internet Explorer — that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols. While there’s no evidence of its exploitation yet, it allows attackers to rem ...

HIPAA Bulletin: HIPAA Privacy in Emergency Situations

View HIPAA Compliance Solution In light of the Ebola outbreak and other events, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR), is providing this bulletin to ensure that HIPAA covered entities and their business associates are aware of the ways in which patient information may be shared under the HIPAA Privacy Rule in an emergency situation, and to serve as a reminder that the protections of the Privacy Rule are not set aside during an emergency. The HIPAA Privac ...

Hackers Are Exploiting Microsoft PowerPoint to Hijack Computers

Hackers are exploiting a security flaw in Microsoft Office by using PowerPoint to attack Windows users and gain control of computer systems. Microsoft, in a security advisory on its website, says there have been "limited, targeted attacks" against users through Microsoft PowerPoint. An attacker who successfully exploits the security flaw could gain complete control of the system. With that sort of control, hackers could execute code remotely, alter or delete data and install harmful programs, like malwar ...

HHS Attorney says get ready for larger HIPAA fines

Ready to break the annual budget? If you are not HIPAA compliant and get caught, you are going to have to pony up even more money for HIPAA fines, predicts a high ranking Department of Health and Human Services (HHS) attorney! HHS Chief Regional Civil Rights Counsel Jerome Meites made the prediction at an American Bar Association conference on Thursday in Chicago. We have already seen record breaking fines handed out over the last year, which makes this even more shocking to the industry. Law360, t ...

Outgrowing the “As Needed” Technology

All organizations have been there, that start-up company that is more worried about making a profit than what its technology plan is for the next year, let alone three plus years. When you are a small company with a few employees or maybe even just yourself, it is easy to get in to the routine of simply grabbing a solution to fit the need you have at that moment. Honestly, there is no reason to even try to change someone’s mind that is going about their technology purchases in an “as needed” basis. ...

Huge Rise in HIPAA Data Breaches

Based on Healthcare IT News' February article "HIPAA data breaches climb 138 percent", it is becoming clear that compliance fines may be the least of the concern for health related businesses. A lot of clients that we talk with are primarily concerned with making sure that they are meeting the requirements that HIPAA has brought. That is not to say they do not care about the personal data of their clients, they most certainly do. However with today's every changing landscape in technology, it is near imposs ...

BCDR is the operations plan

I have been involved with assessing Business Continuity and Disaster Recovery (BCDR) plans and their development for over 25 years.  It always seems that DR planning is an afterthought and starts with system backups.   Typically, companies build out their IT infrastructure based on the business requirements. When it's finished someone asks, "How do we recover this if something bad happens?"  That's not 100% true, but most companies don't really plan well for a major disaster.  The proliferation of netw ...

PMP or Not – Two key observations

I keep hearing people say you have to have a PMP or it's required for the job.  I've been an "ad hoc" project manager for a few years, ok, more than I'm going to admit to, let's just say more than 25 years. I've been credited with saving "lost" projects, turning around massively behind schedule and over budget projects and actually launching and completing "mission impossible" projects.  Most of them required some severe bleeding on my part, but working closely with people, being honest with the sponso ...

1 12 13 14 15 16 17 18