Stay in the know
ePHI – Defend, Detect, Defeat
Healthcare covered entities and business associates can reduce their cyber security risks by focusing on three areas – defend, detect, and defeat. The cyber security industry refers to these areas with different words, but the same basic meaning. Sometimes...
Healthcare Breaches Caused By Criminal Attacks
Last year the Ponemon Institute’s Fifth Annual Benchmark Study on Privacy and Security of Healthcare Data revealed a shift in the root cause of data breaches from accidental to intentional. This is worth noting for all healthcare providers, large and small. It’s not...
Is 2016 going to be “The Sequel” for Healthcare?
We all love sequels of our favorite movies. Unfortunately, when it comes to healthcare breaches, there is not much to love about the likelihood of a 2016 sequel to a record breaking 2015. At the end of 2014, which was recognized as the “The Year of the Cyber Breach”,...
Third Rock CEO serves as panelist for ISC(2) Challenges in Healthcare IT
Robert Felps, Third Rock CEO, was one of four panelists for the ISC(2) Austin Chapter in Austin, TX on March 14 discussing Challenges in Healthcare IT. There were over 50 security experts in attendance. The focus was on the state of Healthcare cyber-security. HIPAA...
Third Rock Introduces Cyber Security and HIPAA Compliance: Practical Steps to Protect Your Practice! CE course for Free to HealthCare Associations and Members
# # # FOR IMMEDIATE RELEASE Contact: Robert Felps rjf@thirdrock.com 512-310-0020 Third Rock Introduces Cyber Security and HIPAA Compliance: Practical Steps to Protect Your Practice! CE course for Free to Healthcare Associations and Members Austin, Tx, Mar 8, 2016 –...
After the Risk Assessment, Then What? How Often Do I Need to Check?
As we noted previously, there are numerous requirements for HIPAA compliance. A follow-up question often heard is “How often do I have to do these things?” Risk assessments officially need to be performed on an annual basis but regularly reviewing your risk...
Building a Privacy & Security Culture: Training is just the beginning!
The privacy and security practices required by HIPAA run counter to decades of habit! Paper charts stored in unsecured racks in public hallways, unsecured computer workstations, and open discussion of patient information in public areas have been the norm in many...
After the Risk Assessment, Then What? Planning for Emergency Events
As we noted previously, there are numerous requirements for HIPAA compliance. Being prepared for future emergency events is often identified in the Risk Assessment as a HIPAA compliance requirement that needs to be addressed. Preparing for future events is often...
5 Benefits of HIPAA Privacy and Security Training
HIPAA law requires that all workforce members with any access to PHI receive training in basic privacy and security practices. “Workforce” includes housekeeping staff, dietary workers, clerical staff, and contract workers in addition to all members of the clinical...
Create a Human Firewall – HIPAA Training
Cyber breaches in healthcare are in the headlines and on the rise. Last year, over 112.8 million people’s “protected” health information was stolen or improperly disclosed! That is approximately one third of the total U.S. population - in just one year! The big news...