Primary Cyber Security Threats

We're often asked "How likely is it that we will be audited by the government (OCR) for HIPAA compliance?"  Our response is "It's highly unlikely to be selected to be audited by the OCR".  We immediately follow up with, "However, it's highly likely you will have a breach of PHI or ePHI, which will then trigger an audit by the OCR, and 15,000 audits were started because of someone reporting a practice to the OCR, either a patient, employee, or business associate."  Therefore, take steps to Protect you ...

What’s your security score?

  There are a number of ways to become the subject of an OCR HIPAA audit.  The most unlikely way is to be selected for a random audit and if that happens, go buy a lottery ticket! Complaints filed by dissatisfied customers and/or disgruntled employees resulted in about 15,000 investigations last year.  Suffer a breach and OCR will be knocking on your door.  As the number and severity of breaches continue to increase, third party companies are becoming much more efficient at identifying com ...

Anti-virus products, security devices affected by 7-Zip vulnerability

Two vulnerabilities have been uncovered by researchers in a open-source Windows utility called 7-Zip. This program provides compression and archiving tools for files. While many of our readers may not know what, or who, 7-Zip is, it is likely that other products that you do use or know about rely on 7-Zip in their programs. Some of the vendors that have 7-Zip integrated include FireEye, Malwarebytes, and Comodo. This means whether you use 7-Zip directly or not, you may be vulnerable. Cisco Talos re ...

Protecting Patient Health Information

The Meaningful Use advisers at the North Texas Regional Extension Center have a lot of experience working with physicians and Patrick Casey makes some good points about the need to protect patient health information. Protected Health Information (PHI) is a hot commodity on the black market and well worth your time to learn how to protect.  It’s a quick read that healthcare providers (doctors, office managers and all staff) need to read and understand. Protecting Patient Health Information by Patri ...

Focus on Security: Backups – The Ultimate Cyber-Security Weapon

Backups, we all believe and trust they are being performed regularly and will work if we ever need to restore our business after a natural disaster, malicious attack or cyber-attack, such as ransom-ware.  The reality is backups are not historically reliable and they become out of sight, out of mind!  You need to ensure they are being performed regularly and restoring from the backup media works. ePHI data is highly desirable by criminals because it is worth far more than credit card information on th ...

Macro malware hidden in Office documents makes a comeback

Just when you thought it couldn't get any worse, the cyber-criminals pile on more threats. More reason to train your staff on cyber-security and get your cyber-security in order before it's too late. Repost from FierceITSecurity ... The year 2015 saw the resurgence of macro malware hidden in seemingly legitimate Microsoft Office documents. To trick recipients of emails with infected files, attackers use social engineering techniques, such as naming the file "invoice details" or "resume," related se ...

Healthcare Breaches Caused By Criminal Attacks

Last year the Ponemon Institute’s Fifth Annual Benchmark Study on Privacy and Security of Healthcare Data revealed a shift in the root cause of data breaches from accidental to intentional.  This is worth noting for all healthcare providers, large and small.  It’s not enough to provide good, current cyber security training to all of your employees, but you must improve your overall cyber security to protect your highly valuable ePHI. FierceHealthIT wrote up a good summary on the report, read it ...

Is 2016 going to be “The Sequel” for Healthcare?

We all love sequels of our favorite movies. Unfortunately, when it comes to healthcare breaches, there is not much to love about the likelihood of a 2016 sequel to a record breaking 2015. At the end of 2014, which was recognized as the “The Year of the Cyber Breach”, many industry leaders, including Third Rock, predicted 2015 to be the year of the “Healthcare Breach.” It didn’t take long to for the prediction to come true. By the end of the first quarter, an estimated 91 million healthcare record ...

Third Rock CEO serves as panelist for ISC(2) Challenges in Healthcare IT

Robert Felps, Third Rock CEO, was one of four panelist for the ISC(2) Austin Chapter in Austin, TX on March 14 discussing Challenges in Healthcare IT.  There were over 50 security experts in attendance.  The focus was on the state of Healthcare cyber-security.  HIPAA compliance was a primary focus from the panelist.  You must do a [Security] Risk Assessment to know what issues you have and prioritize the remediation of those issues.  The changes brought about by HITECH and later updates to HIPAA mak ...

Third Rock Introduces Cyber Security and HIPAA Compliance: Practical Steps to Protect Your Practice! CE course for Free to HealthCare Associations and Members

# # # FOR IMMEDIATE RELEASE Contact: Robert Felps rjf@thirdrock.com 512-310-0020 Third Rock Introduces Cyber Security and HIPAA Compliance: Practical Steps to Protect Your Practice! CE course for Free to HealthCare Associations and Members Austin, Tx, Mar 8, 2016 – Third Rock, provider of HIPAA Worry-Free Compliance™, is offering a free continuing education (CE) course to any Healthcare Association or Organization on Cyber Security and HIPAA Compliance: Practical Steps to Protect Your Practice! T ...

1 2 3 4 5 6 7 8