Flooding: Are You Prepared?

Here in Texas, the Gulf Coast is about to take a direct hit from a hurricane that is expected to dump up to 30 inches of rain in some locations and up to 10 inches across large areas. That kind of rain will definitely cause serious flooding.  It's a little late for the Texas coastal bend area and the large inland areas that will be hit the hardest to take planning steps for disaster recovery. They're in emergency evacuation mode already, protecting life and reducing property damage. What we can learn from ...

Care Disruption – The Ultimate Security Risk

We in the cybersecurity and HIPAA compliance communities talk a lot about breaches and fines and total costs of breach remediation - yadda, yadda, yadda. All non-trivial realities to be sure, but when the WannaCry ransomware attack paralyzed hospitals and physician practices and pharmacies and surgery centers around the globe, I was thinking about the members of the care team. Elective surgeries can be postponed and lots of routine wellness services, such as eye exams and hearing tests and school physic ...

HIPAA – Standard Operations for Business

HIPAA gets a bad rap - and deservedly so. However, most of that bad rap is because it is set up in a typical government fashion that is hard to understand and make sense of. When you look at the HIPAA laws and guidelines, it is not long before you become more perplexed than you were before. However, once you get past the government's idea of light reading, or by using our CompassDB tool which translates it into a humanly readable language, you realize that the HIPAA guidelines are not really all that cu ...

Best Defense Against Ransomware is a Good Backup

By now, most have heard or been affected by the WannaCry ransomware that has spread to over 150 countries at last count. The WannaCry ransomware started taking over users' files on Friday, demanding $300 to restore access. Hundreds of thousands of computers have been affected so far. Computer giant Microsoft said the attack should serve as a wake-up call. The first line of defense in this is always having a properly maintained firewall both on your network and on each individual computer system. Ho ...

Rentsys, Third Rock to Offer Guidance for HIPAA Compliance in DRJ Webinar

FOR IMMEDIATE RELEASE Rentsys, Third Rock to Offer Guidance for HIPAA Compliance in DRJ Webinar College Station, TX – February 07, 2017 – With cybersecurity concerns increasing the urgency for healthcare organizations to comply with the Health Insurance Portability and Accountability Act (HIPAA) security requirements, Brandon Tanner, senior manager for Rentsys Recovery Services, and Robert Felps, CEO/CISO for compliance and risk management firm Third Rock, will be offering guidance for HIPAA compli ...

Value Proposition of HIPAA Compliance (1 of 2)

If you've been reading our blog very long you know we've discussed Is HIPAA worth it?, What's the ROI?, etc, etc.  This article is really another way to think about why you need to start working on your HIPAA compliance today. What is the Value Proposition of HIPAA Compliance? Identifies weaknesses that make your business vulnerable and liable Improves protection of your patients’ valuable PHI Protects your business from disruptive events – natural and man-made Fortifies your cyber ...

HHS Releases New Guidance on Ransomware

One of the top newsmakers of 2016 has been ransomware.  During the first half of this year, ransomware grew 300% to 4,000 daily attacks! But several high profile attacks of hospitals really put it in the spotlight.  Although it has been around for several decades, in the past 4 years, Russian groups have further developed its capabilities and propagated its use worldwide. The dark web or darknet also significantly contributed to the increase in ransomware attacks due to its black market for such products. ...

HIPAA Crossword Puzzle

HIPAA Crossword Puzzle Third Rock We thought it might be good to have you learn more about HIPAA through a challenging crossword puzzle. We hope you enjoy completing the puzzle and learn a little about HIPAA in the process.  You can click the image below to download the PDF version and print it off. Answers Across: 2. PHI 3. backups 5. ice cream 6. HIPAA 8. risk assessment 10. covered entities 12. disaster recovery 15. PII 17. cyber breach 20. cyber security 21. audit 22. lemonade ...

Third Rock CEO serves as panelist for ISC(2) Challenges in Healthcare IT

Robert Felps, Third Rock CEO, was one of four panelist for the ISC(2) Austin Chapter in Austin, TX on March 14 discussing Challenges in Healthcare IT.  There were over 50 security experts in attendance.  The focus was on the state of Healthcare cyber-security.  HIPAA compliance was a primary focus from the panelist.  You must do a [Security] Risk Assessment to know what issues you have and prioritize the remediation of those issues.  The changes brought about by HITECH and later updates to HIPAA mak ...

After the Risk Assessment, Then What? How Often Do I Need to Check?

As we noted previously, there are numerous requirements for HIPAA compliance.  A follow-up question often heard is “How often do I have to do these things?” Risk assessments officially need to be performed on an annual basis but regularly reviewing your risk remediation plan throughout the year is a business “best practice” for any organization. Policies and Procedures need to be reviewed and changed depending upon federal law changes and changes in your organization.  New processes, new tec ...

1 2