Stay in the know
HIPAA: What was Reasonable and Appropriate is not Today!
If you are scared of the blunt truth, you really should read this anyway. You can no longer simply cover your ears and close your eyes. I’m sure HHS and OCR wish the phrase “reasonable and appropriate” wasn’t ever written into the HIPAA CFRs. I can’t think of a...
Healthcare Information Security: Have you been breached?
The Ponemon Institute 1 reports that approximately 91% of healthcare organizations (“covered entities”) have experienced an information breach in the past year and an additional 38% have suffered more than five data breaches in the past two years! During the same time...
Security Advisory: LastPass Compromised
According to LastPass their team found and blocked suspicious activity on their network. They claim that no evidence that any encrypted user vault data (where the passwords are stored) was taken. However they said that the investigation has shown that LastPass account...
They’re Here! OCR Launches Phase 2 HIPAA Audits. Are You Ready?
The Office of Civil Rights (OCR) is about to launch the next round of HIPAA audits, designated as Phase 2. The initial phase of audits in 2011 and 2012 established that security compliance was woefully poor and expectations for these next round of audits are...
29 Million Health Records Exposed in 4 Years
If you had any shred of doubt that health care data breaches are a legitimate and major problem, those doubts have been laid to rest. Medical researchers published a study (link) showing that an astounding 29.1 million health records were compromised between 2010 and...
Dental practice hacked – Healthcare practices under attack.
We've all read in the news about large healthcare providers and insurers being hacked and losing millions of patient records. However, small practices need to realize why they too are targets for cyber attacks. Cyber criminals are breaching dentist, orthodontists,...
US-CERT: Microsoft Releases Critical Security Bulletin
Microsoft has released Security Bulletin MS15-011 to address a critical vulnerability in Windows. Exploitation of this vulnerability could allow a remote attacker to take complete control of an affected system. This security update contains a new policy feature (UNC...
Security Advisory: New Adobe Flash Vulnerability
Adobe has released security updates for Adobe Flash Player for Windows, Macintosh and Linux. These updates address a vulnerability that could be used to circumvent memory randomization mitigations on the Windows platform. Adobe is aware of reports that an exploit...
Worry-Free Compliance with Secure (Encrypted) Email
HITECH has added new requirements to the HIPAA regulations, one of which is encrypted email when sending or receiving PHI. It’s important for healthcare providers to understand email is NOT secure, encrypted or safe for sending sensitive information. It is easily...
Hackers Pay 20-times More for Medical Information
According to Kelly Yee, Vice President at Penango, the secure web-mail and encryption company, hackers are willing to pay 20 times more for medical information than credit card information! The main reason is medical records are a smorgasbord of information, including...