Bad actors target healthcare. A recent article in Healthcare Info Security discussed the disturbing trend of ransomware attacks joining—and in some cases, even surpassing—classical hacking attacks as major threat to healthcare operations. The object of a ransomware attack is to cut off access to critical enterprise data by encrypting the information. After payment has been […]
Read MoreWhat are some security and privacy concerns that telehealth providers should take into consideration? Rushing to establish new telehealth applications or expanding existing ones to meet urgent demands can lead to overlooking important controls necessary to maintain security and privacy of information Ensuring the transmission of information sent over the internet is encrypted Ensuring the […]
Read MoreThe following highlights best practices to protect yourself and your organization. What should healthcare entities be doing today to prevent/defend against phishing? Prohibit access to personal webmail through organizational resources Mandate the workforce to use “guest” wireless network when connecting personally-owned devices via Wi-Fi Prevent rules that auto-forward organizational email to personal, webmail accounts Limit […]
Read MoreHow important is risk analysis? The HIPAA Security Rule is flexible, scalable, and technology-neutral making it open for interpretation. How important is it to conduct a risk analysis? Here is a clue: The words “risk analysis” are used 36 times in the HIPAA Security Rule Preamble. The risk analysis is the foundation of your security […]
Read MoreWhat should IT security professionals consider regarding the impact of COVID-19 on breach activity and the types of breaches reported to HHS in 2020? The number of telecommuters may result in security and privacy mistakes occurring in caregiver’s home environments. PHI may be exported to unsecured USB drives, confidential information could be unsuspectedly available to […]
Read MoreWhat are some of the values and shortcomings of cyber insurance? Cyber insurance policies typically offer business interruption and data restoration coverage for an additional premium. These services may be covered by a cyber insurance policy; consulting the insurance carrier or broker is the best way to understand the boundaries of coverage Smaller organizations may […]
Read More