, , , ,

The hospital attack that wasn’t

How Boston Children's dodged an attack This past week the FBI released details on a cyberattack against Boston Children's Hospital in November of last year. Prior to the attack, CISA and others sent alerts out to the healthcare community warning…
Active shooter training
,

Do you prefer security or privacy? You can’t have both.

What's Happening in Our Schools I was reading the FBI feeds recently following the horrific events in Texas last week. As more information comes to light, it's beginning to look (once again) like the warning signs were there, and here again,…
HIPAA Breach Notification

HIPAA Breaches Running at Record Rate

HIPAA Breaches and You In the past 12 months, we've averaged over 3.3 million breached healthcare records per month. Aside from the breach of confidentiality this represents, the information in those records is used for financial fraud,…
Strong password

Hey, what’s your password? The Dark Web knows

Creating Better Passwords To make passwords "strong," they must be both unique and lengthy (at least 12 characters). Generally, people are pretty bad at creating passwords that fit either category (much less both). You could let a computer…
HIPAA violations
, , ,

HIPAA Fines Show How You Are Failing

HIPAA violations are on the rise. Although we didn't hear too much about breach-related HIPAA violations during the pandemic, incidents were occurring, and the violations are now being pursued and published. The result is a steady stream of…
OCR HIPAA Cybersecurity
, , ,

OCR is soliciting feedback on pending changes

OCR is making HIPAA changes, are you ready? Earlier today the Office for Civil Rights (OCR) issued a Request For Information to its constituents (that's us) soliciting feedback for potential changes in two areas. The first area relates to cybersecurity,…
, ,

Critical Google and Microsoft updates

Critical Update Alert Recently Microsoft and Google released a critical security update to their browsers. Since you likely use these browsers in your environment, you need to ensure that they stay up to date. Below we have included sets…
Windows 11
, ,

Why Windows 11 needs to be in your 2022 budget

You need Windows 11 - NOW Another Intel chip, another iPhone, Galaxy, Chromebook, etc., it seems we're always being presented with the latest and greatest version of the technology we're using. While most updated software and devices are feature-packed…
Online Privacy
, ,

Did your privacy take a hit in 2021?

What happened to your data in 2021 We haven't heard much about HIPAA in the past few years while the healthcare industry and regulators grappled with managing and responding to the COVID crisis. But that distraction has proven to be an ideal…
Email mistakes
, ,

How To Blow Your HIPAA Compliance In 1 Email

Email Mistakes It has happened again, and it won't be the last time. The City of Boston just received their egg-in-the-face award for sending an email to all their recently-tested-positive Covid patients instructing them on the City's policies…
Ukraine russia cyber war
, ,

The latest cyber news

The latest cyber news I'm sorry, I'm just not buying it. If you've been anywhere but under a rock lately, then you've heard about the Russia-Ukraine conflict. This week we were treated to the news that Russia has launched a cyberwar against…
Pentagon Breach
, ,

Russia to the Rescue!

Russia to the Rescue! I don't know about you, but it seems we've had a Russia obsession for more than a few years now. If Putin's goal was to live in the heads of our politicians, tormenting their dreams, it sure seems he has succeeded. Not…
HIPAA certified
, ,

HIPAA compliance is a false sense of security

New HIPAA guidance Yesterday, December 20th, 2021, the Office for Civil Rights issued new guidance under the Privacy Rule on disclosures of PHI for Extreme Risk Protection Orders (ERPO). Inevitably, this is going to get twisted and contorted…
HIPAA violations
, ,

New HIPAA guidance

New HIPAA guidance Yesterday, December 20th, 2021, the Office for Civil Rights issued new guidance under the Privacy Rule on disclosures of PHI for Extreme Risk Protection Orders (ERPO). Inevitably, this is going to get twisted and contorted…
Log4Shell
, ,

Log4Shell the simplest of hacks

The simplest of hacks... Imagine being able to hack a server simply by pasting a block of text into a chat window. Well, that's exactly what happened to the game MineCraft's servers over the weekend. The newly discovered vulnerability is called…
HIPAA violations tiers
, ,

HIPAA Violations – Twenty-Five Fines and Counting

Twenty-Five Fines and Counting Since 2019, the Office for Civil Rights (OCR), the HIPAA enforcement arm of the Department of Health and Human Services, has been enforcing violations of the rights of patients to have timely access to their medical…