Please Welcome Wendell Bobst

tw-Security is pleased to announce that Wendell Bobst has joined our team as Senior Security Consultant. Mr. Bobst brings over 27 years of experience in IT healthcare, and over 20 years of leadership in information systems, strategic initiatives, and security to our clients. As Information Security Officer (ISO) at Adventist Health for nearly ten years, he […]

Read More

CYBERSECURITY AND THE UKRAINE CONFLICT: WHAT’S THE LINK?

Hint: It’s hard to hit a moving target. First, some good news: Last month, our friends at Healthcare Info Security published an article about the latest breaches reported on the Department of Health and Human Services’ HIPAA Breach Reporting Tool website. Valuable data takes cover While the overall trend rate continues to rise sharply, in […]

Read More

FAQ – The Ransomware Threat

Bad actors target healthcare. A recent article in Healthcare Info Security discussed the disturbing trend of ransomware attacks joining—and in some cases, even surpassing—classical hacking attacks as major threat to healthcare operations. The object of a ransomware attack is to cut off access to critical enterprise data by encrypting the information. After payment has been […]

Read More

FAQ – Telemedicine, Remote Connectivity

What are some security and privacy concerns that telehealth providers should take into consideration? Rushing to establish new telehealth applications or expanding existing ones to meet urgent demands can lead to overlooking important controls necessary to maintain security and privacy of information Ensuring the transmission of information sent over the internet is encrypted Ensuring the […]

Read More

FAQ – Phishing and Ransomware

The following highlights best practices to protect yourself and your organization. What should healthcare entities be doing today to prevent/defend against phishing? Prohibit access to personal webmail through organizational resources Mandate the workforce to use “guest” wireless network when connecting personally-owned devices via Wi-Fi Prevent rules that auto-forward organizational email to personal, webmail accounts Limit […]

Read More

FAQ – Risk Analysis, Risk Assessments

How important is risk analysis? The HIPAA Security Rule is flexible, scalable, and technology-neutral making it open for interpretation. How important is it to conduct a risk analysis? Here is a clue: The words “risk analysis” are used 36 times in the HIPAA Security Rule Preamble. The risk analysis is the foundation of your security […]

Read More

FAQ – Breach Management (COVID-19)

What should IT security professionals consider regarding the impact of COVID-19 on breach activity and the types of breaches reported to HHS in 2020? The number of telecommuters may result in security and privacy mistakes occurring in caregiver’s home environments. PHI may be exported to unsecured USB drives, confidential information could be unsuspectedly available to […]

Read More

FAQ – Cyber Insurance Policy – Guidance

What are some of the values and shortcomings of cyber insurance? Cyber insurance policies typically offer business interruption and data restoration coverage for an additional premium. These services may be covered by a cyber insurance policy; consulting the insurance carrier or broker is the best way to understand the boundaries of coverage Smaller organizations may […]

Read More