Stay in the know
Avoid the HIPAA Wall of Shame
There are several things a healthcare covered entity or business associate needs to do to avoid HIPAA fines and the possibility of being listed on the wall of shame, but the immediate need is to perform a thorough risk assessment. And that usually means having a third...
Protecting PHI through mutual trust
The Office of Civil Rights (OCR) of the Department of Health and Human Services issued a warning stating that covered entities should expect and prepare to mitigate the damages of breaches as a result of their business associates (BA). In an article published in...
Anti-virus products, security devices affected by 7-Zip vulnerability
Two vulnerabilities have been uncovered by researchers in a open-source Windows utility called 7-Zip. This program provides compression and archiving tools for files. While many of our readers may not know what, or who, 7-Zip is, it is likely that other products that...
OCR Levies fine for lack of business associate agreements
$1.55 million settlement and remediation According to the HHS Office of Civil Rights, North Memorial Health Care of Minnesota failed to complete a security risk assessment or risk analysis nor did it have compliant business associate agreements. The OCR considers...
Protecting Patient Health Information
The Meaningful Use advisers at the North Texas Regional Extension Center have a lot of experience working with physicians and Patrick Casey makes some good points about the need to protect patient health information. Protected Health Information (PHI) is a hot...
Focus on Security: Backups – The Ultimate Cyber-Security Weapon
Backups, we all believe and trust they are being performed regularly and will work if we ever need to restore our business after a natural disaster, malicious attack or cyber-attack, such as ransom-ware. The reality is backups are not historically reliable and...
Focus on Technology: ePHI Encryption
Five years ago encryption was not common, nor cheap. Today, it's everywhere and inexpensive to implement. Yet, healthcare still considers it a nuisance, ignores it or assumes their EHR or patient management software provides complete encryption. Consider the fact...
Data Hemorrhage – Find and Stop the Bleeding
We bleed data constantly. Data hemorrhage! Why? Because it is self-propagating. The more important the data, the faster it seems to reproduce. Important data has to be backed up. It will end up in the cloud, actually multiple clouds. I’ll print a copy and store it in...
Reduce the Burden of HIPAA While Increasing Your Protection
If you missed our recent webinar on Reduce the Burden of HIPAA While Increasing Your Protection you can watch it on-line now. Ed Jones, Third Rock's Chief Compliance Officer, keeps this presentation updated to help your stay current on HIPAA and cyber-security. We...
Macro malware hidden in Office documents makes a comeback
Just when you thought it couldn't get any worse, the cyber-criminals pile on more threats. More reason to train your staff on cyber-security and get your cyber-security in order before it's too late. Repost from FierceITSecurity ... The year 2015 saw the resurgence of...