Healthcare Horizons: The Future of TeleMed Security
As post-pandemic life comes into view, healthcare looks to the future with telemedicine. Here’s a quick glance at expanding horizons for digital patient care & IT security.
Since the onset of COVID-19, it’s been challenge after challenge for hospitals nationwide. While tending to the unique and weighty demands of the pandemic, healthcare is simultaneously under siege from malicious actors seeking to take advantage of overworked staff
The novel coronavirus has given cybercriminals a chance to restructure their attacks for vulnerable targets, and hospitals are at the top of the list.
Regulations are everywhere in the cybersecurity world, to address the vast array of risks that come about as technology expands into every industry.
Last week, we discussed the tendencies of hackers to strike where they can cause the most chaos, taking advantage of the socioeconomic disruptions caused by COVID-19.
Starting September 1, 2018, Colorado’s new Protections For Consumers Data Privacy law will require organizations to notify victims of breaches containing personal information within 30 days of determining that a breach occurred — 30 days before current federal HIPAA requirements. Like other state laws, Colorado’s newest approved bill signals to healthcare organizations that you can no longer wait for federal mandates to suggest how you protect your patients’ information. You must prepare for potential changes now or risk suffering the consequences. Here’s what we know about the new law and how it could affect your organization. Who is Affected? First off, it’s important to note that Colorado’s law will impact not only businesses located within its borders but also entities
You likely use third-party vendors to outsource your payroll, HR or IT infrastructure — all essential business functions. Unfortunately, in doing so, you’re giving multiple companies access to sensitive data, including private patient or customer information. In the event of a breach or leak of said sensitive information, it’s important to know where the chips fall and what liability you’re assuming when you outsource business efforts. Let’s take a look at how outsourcing significantly impacted the health insurer Aetna to assess opportunities and risks involved with hiring a third-party vendor. Aetna’s settlement If you’re unfamiliar with the backstory, Aetna made news for paying about $20 million in legal settlements from a case in 2017 concerning privacy violations of about 12,000
A new HIPAA fine has been released, and it’s significant. Federal regulators have issued one of the largest HIPAA settlements ever in favor of 521 impacted individuals over Massachusetts-based healthcare organization Fresenius Medical Care (FMCNA). Cited specifically for a lack of risk analysis, FMCNA now ranks among the costliest HIPAA penalties issued, paying out $3.5 million to affected individuals. Fresenius first reported the breach on January 21, 2013. Data exposed included patient names, addresses, dates of birth, telephone numbers, insurance information and even some social security numbers. FMCNA committed an all-too-common HIPAA violation: failure to conduct a thorough risk analysis of potential risks and vulnerabilities to the confidentiality, integrity, and availability of all its
HIPAA compliance for healthcare organizations is crucial – yet many still struggle with meeting even the most basic requirements. Furthermore, merely employing a security profile that just meets regulations does not provide adequate protection. But what does it mean in real-life terms to not meet these requirements, and what steps can you take right now to improve your security? A Taller Fence Hearing phrases like “lacking IT security” can be somewhat vague if you don’t have a firm grasp on the particulars of your network security. So here’s an example that might help: Imagine your IT security system is a fence protecting your yard. The government requires you to have a fence that stands 3 feet tall. Now this might be enough
Often, we see phishing schemes being perpetrated by hackers seeking to steal information. Rarely do we discover a scheme that is essentially an elaborate marketing tactic. Healthcare Info Security reports that the Department of Health and Human Services (HHS) sent a warning to organizations in the healthcare system, alerting them to an unusual phishing attempt. Phishing, as we’ve previously written about, is a scam that uses seemingly legitimate links to take you somewhere you didn’t intend to go. This can be done by subtly changing a URL address, which is exactly what was done in this case. The Scam Per the HHS, this phishing email campaign masquerades as a message regarding HIPAA compliance audits from the HHS’ Office for Civil