Stay in the know
Cybersecurity: It’s a healthcare risk issue
Wannacry may be the best thing that has happened to the healthcare industry in a long time. It brought to light just how terrible a job the industry does in protecting patients from identity theft. That's what it means to lose a patient's protected health...
Third Rock Recognized at Austin Recovery’s 50th Anniversary Event
Round Rock, TX, July 25, 2017 – On May 5th, Austin Recovery celebrated its 50th Anniversary with a luncheon gala at the Shalom Austin Jewish Community Center in Austin, TX. At the event, they recognized Third Rock, Incorporated and its partner Nivola Healthcare...
Missing the HIPAA Target – Part 5 and Last of the Series
In this series I have tried to capture key steps to enable successful implementation of critical HIPAA elements. Right or wrong, HIPAA has become the recipe for cybersecurity for healthcare. But because of the legacy of HIPAA, the majority of providers do not take...
Phishing with Ransomware – Don’t take the bait!
Phishing is a hacking technique that uses phony emails to trick users into revealing sensitive account information (e.g., account password) and/or installing malicious software (“malware”). With ransomware hogging the headlines, non-technical staff may have gotten the...
Closing the Cybersecurity Gap
As we hear more and more about breaches and ransomware in businesses and especially healthcare, it is becoming an even greater concern for healthcare business owners. It is no longer if you will be attacked, but when and how often. The first step in closing the...
What to do if you are a Ransomware victim – latest guidance from HHS
In an earlier post, Clint Eschberger explained that the Best Defense Against Ransomware is a Good Backup. So hopefully your backups are in order - multiple, off-site, and tested. In addition to your internal processes for getting your organization back online, the HHS...
Is a new Healthcare Cybersecurity Framework the answer?
The Healthcare Industry Cybersecurity Task Force has asked the U.S. government to create new policies that would help healthcare providers improve their cybersecurity. You can read about it in this article Cybersecurity task force seeks new security framework,...
Missing the HIPAA Target – Part 4
In my first blog of this series, I stated that the intent of HIPAA was not to make you an expert on regulations, but to guide you to be risk management proficient, which is the ability to recognize threats and risks to your practice and manage them to eliminate or...
Care Disruption – The Ultimate Security Risk
We in the cybersecurity and HIPAA compliance communities talk a lot about breaches and fines and total costs of breach remediation - yadda, yadda, yadda. All non-trivial realities to be sure, but when the WannaCry ransomware attack paralyzed hospitals and physician...
HIPAA – Standard Operations for Business
HIPAA gets a bad rap - and deservedly so. However, most of that bad rap is because it is set up in a typical government fashion that is hard to understand and make sense of. When you look at the HIPAA laws and guidelines, it is not long before you become more...