‘Inaccessible Computers’ Incident Initially Reported as Affecting 501 People … “Data breaches are time-consuming to investigate,” said Tom Walsh, president of privacy and security consulting firm twSecurity. For example, if phishing or compromised email accounts are implicated in a cybersecurity incident, “all of the saved email messages from the mailboxes of each employee – […]
Read MoreRegal Medical Group Says Patients of Several Affiliates Are Among Those Affected … “The entire organization is going to be at risk once a connected network is in place. This is why understanding the security stance of a potential acquisition before implementation to the network is so important,” says Susan Lucci, senior privacy and security […]
Read MoreOIG Audit Findings Include Weaknesses Familiar to Other Healthcare Entities … Still, “a ‘high-risk’ vulnerability identified over seven years ago that has still not yet been remediated: In the IT world, that’s a really long time,” says Tom Walsh, president of privacy and security consulting firm tw-Security, who reviewed the audit report at Information […]
Read MorePersonal Data of 244,000 in Flux After Malware Probe of Gastroenterologist Vendor … The stretched out time frame of the malware incident – including the apparent 19-month-long investigation and potential lag in notifying individuals of a breach – is concerning for a variety of reasons, says Tom Walsh, CEO of privacy and security consultancy […]
Read MoreIncident Spotlights Multiple Common But Serious Data and Vendor Concerns … Complicating matters, pediatric data typically has longer data retention requirements, says Wendell Bobst, senior security consultant at privacy and security consultancy tw-Security. “This means that pediatric providers tend to keep data longer than adult patients,” he says. … Connexin provides its Office Practicum as […]
Read MoreAlso: Why Some Facilities Are Affected While Others Are Not … “The reliance on the electronic medical record continues to grow and that is to be expected,” says Susan Lucci, senior privacy and security consultant at tw-Security. Information like allergies, recent diagnoses, and current medications can influence patient care decision-making, she says. “This is another […]
Read MoreRed-Teaming Tool Poses Ongoing Risks When Used by Hackers, HHS Warns … Detection should lead to quick action, says Keith Fricke, principal consultant at privacy and security consultancy tw-Security. Cobalt Strike and other red-teaming tools are ”’legitimate’ in the sense that they can be used by red teamers, but are offensive security tools,” he says. […]
Read MoreOIG Security Audit of Texas VA Facility Found Familiar Problems … There are other reasons why many healthcare entities continue to keep legacy IT systems and equipment running long after they are no longer supported by vendors, says senior privacy and security consultant Susan Lucci of tw-Security. Risks associated with obsolescence are “not generally top of mind, […]
Read More