CryptXXX Ransomware provides the scenario we feared most. Not only does CryptXXX encrypt a victims files, but it also copies data off of the victim's computer. This can be consideered unauthorized access, and needs to be reported as a Data Breach. The following article is written by Art Gross, our partner at HIPAA Secure Now. Read his article to learn more about this very dangerous new ransomware, and what you can do to prevent it.
Topics: HIPAA Compliance
Encrypted Devices with PHI can be lost or stolen and it is not considered a Data Breach. Encryption is like a Get Out of Jail Free Card!
Health Insurance credentials sell for $20 each on the black market, but when supplemented with personally identifiable information (PII) such as birth date, place of birth, social security number, it can yield over $1000 per record. These are scary times, and Centene, a St. louis based health insurer is the latest victim of a data breach that will make your head spin. The worst part is that it could have been easily prevented with one simple and inexpensive security measure.
Topics: HIPAA Compliance, Data Security
2016 has just begun, yet speculators are already predicting this will be the year of the HealthCare Data Breach. Without a doubt, implementing a strong HIPAA Compliance framework is your best plan to prevent a breach. Understanding what the OCR will ask you for in the event of a Data Breach, and preparing all of this documentation ahead of time will give you a very good head start on HIPAA Compliance and may just prevent you from experiencing a breach.
Topics: HIPAA Compliance
The HIPAA Privacy Rule allows covered entities and health plans to disclose protected health information (PHI) to business associates, but only if the business associate signs a Business Associate Agreement in which it assures that it will appropriately safeguard the PHI it receives or creates on behalf of the covered entity. So, which of your vendors need to sign a B.A. Agreement? Here is a helpful list of vendors that need to sign your Business Associates Agreement. You may be suprised!
Topics: HIPAA Compliance
Hackers are getting more sophisticated every day, and the ways they lure you to give them access to your computer are downright devious. It is important that all employees are aware of these simple rules that will help prevent intruders from accessing your computer network.
Topics: Security, HIPAA Compliance, Internet Security, IT Security
Topics: Security, HIPAA Compliance, Data Security, Mobile Device Management
CMS recently released changes to the Meaningful Use Stage 2 program for 2015-2017,and the Security Risk Analysis is now the FIRST Objective. Find out what this means to you.
Topics: HIPAA Compliance, Data Security
Protected Health Information (PHI) is defined as information in any format that identifies the individual, including demographic information collected from an individual that can reasonably be used to identify the individual. PHI is information created or received by a healthcare provider, insurance company, employer, or health care clearinghouse, and relates to the past, present, or future physical or mental health or condition of an individual.
In order for Covered Entities and Business Associates to protect PHI, it is critical that you are aware of these 18 identifiers that constitute that the information qualifies as PHI.
Topics: HIPAA Compliance, Data Security
The experts predict that it is not "if" businesses will be the victim of a data breach, it's is "when". In fact, they believe that most businesses already have been victimized. If the chances are that high, it would be a great idea to start thinking about what you will want to tell your customers when you notify them. Seriously, what will you want to be able to tell them about how you protected their personal information.
Topics: HIPAA Compliance, Data Security
News of a high profile hacking incident or a major data breach is becoming a regular event. A good first step for companies looking to protect themselves from cyber threats is implementing strong password policies and procedures for their business.
Topics: Security, HIPAA Compliance
