Congratulations to tw-Security—2024 Best in KLAS® Security & Privacy Services!

We're #1! Thank you to all our partners and customers!

VA Hospital ‘High-Risk’ Vulnerability Unaddressed for Years

OIG Audit Findings Include Weaknesses Familiar to Other Healthcare Entities   … Still, “a ‘high-risk’ vulnerability identified over seven years ago that has still not yet been remediated: In the IT world, that’s a really long time,” says Tom Walsh, president of privacy and security consulting firm tw-Security, who reviewed the audit report at Information […]

Read More

Colonoscopy Prep Retail Website Breach Festered for Years

Personal Data of 244,000 in Flux After Malware Probe of Gastroenterologist Vendor   … The stretched out time frame of the malware incident – including the apparent 19-month-long investigation and potential lag in notifying individuals of a breach – is concerning for a variety of reasons, says Tom Walsh, CEO of privacy and security consultancy […]

Read More

Pediatric EMR Vendor Hack Affects 2.2 Million

Incident Spotlights Multiple Common But Serious Data and Vendor Concerns … Complicating matters, pediatric data typically has longer data retention requirements, says Wendell Bobst, senior security consultant at privacy and security consultancy tw-Security. “This means that pediatric providers tend to keep data longer than adult patients,” he says. … Connexin provides its Office Practicum as […]

Read More

CommonSpirit’s Ransomware Incident Taking Toll on Patients

Also: Why Some Facilities Are Affected While Others Are Not … “The reliance on the electronic medical record continues to grow and that is to be expected,” says Susan Lucci, senior privacy and security consultant at tw-Security. Information like allergies, recent diagnoses, and current medications can influence patient care decision-making, she says. “This is another […]

Read More

Feds Warn Healthcare Over Cobalt Strike Infections

Red-Teaming Tool Poses Ongoing Risks When Used by Hackers, HHS Warns … Detection should lead to quick action, says Keith Fricke, principal consultant at privacy and security consultancy tw-Security. Cobalt Strike and other red-teaming tools are ”’legitimate’ in the sense that they can be used by red teamers, but are offensive security tools,” he says. […]

Read More

VA Center’s IT Legacy Flaws Common at Other Health Entities

OIG Security Audit of Texas VA Facility Found Familiar Problems … There are other reasons why many healthcare entities continue to keep legacy IT systems and equipment running long after they are no longer supported by vendors, says senior privacy and security consultant Susan Lucci of tw-Security. Risks associated with obsolescence are “not generally top of mind, […]

Read More

Texas Hospital Still Struggling Through Ransomware Attack

Attackers Demand ‘Tens of Millions Dollars’ as Entity Is ‘Walled Off From World’ …”Phone systems typically have back-end server infrastructure that can be susceptible to ransomware attack. Incident response plans must call out contingencies for communication system failures such as voice and email systems,” says Keith Fricke, principle consultant at privacy and security consultancy tw-Security. Organizations typically […]

Read More

Law Firm Says Year-Old Hack Affected PHI of 255,000 People

Besides a Lag in Reporting, Some of the Compromised Data Was a Decade-Old … Keith Fricke, principal consultant at privacy and security consultancy tw-Security, offers a similar assessment. “What is concerning about the incident is the amount of PHI involved, Fricke says “It makes you take pause and ask how many other law firms store, […]

Read More

Report: Organ Transplant Data Security Needs Strengthening

United Network of Organ Sharing Security and IT Management Under Scrutiny …”In many healthcare organizations, the IT department is overhead, meaning IT is necessary for the business operations, but it is not the main mission of the organization. Therefore, IT tends to be underfunded and understaffed,” says Tom Walsh, president of consultancy tw-Security. “Information security […]

Read More

tw-Security Scores 94.9 in KLAS 2022 Report

tw-Security Scores 94.9 in KLAS 2022 Report August 31, 2022 tw-Security scored 94.9 in overall performance in KLAS Research’s report, Security and Privacy Consulting Services 2022, Who Exceeds Expectations in This High-Performing Market? published August 25, 2022. In this performance report, based on 18 months of data and interviews with provider and payer organizations, KLAS Research scored firms specializing in healthcare […]

Read More