The FBI in a private industry notification warned health care providers that cybercriminals are actively targeting File Transfer Protocol (FTP) servers “operating in ‘anonymous’ mode and associated with medical and dental facilities to access protected health information (PHI) and personally identifiable information (PII) in order to intimidate, harass and blackmail business owners.” The notification, issued [...]
By Admin April 27, 2017 An Illinois pediatric health chain paid a $31,000 HIPAA breach penalty this month after the company it hired to store and manage old paper medical records instead dumped them into an unlocked trash bin at an office park. Center for Children’s Digestive Health (CCDH) – which operates seven clinics across [...]
By Admin April 24, 2017 The agency that develops information security standards for the U.S. federal government is recommending significant changes to password guidelines, essentially reversing some long-held best practices. Changes to the Digital Identity Guidelines are managed by officials at the National Institute of Standards and Technology (NIST), a division of the U.S. Department [...]
By Admin April 27, 2017 The theft of a laptop computer containing information of nearly 1,400 patients was among two HIPAA breaches that led a Pennsylvania provider of remote heart monitoring to pay $2.5 million, federal authorities said this week. Malvern-based CardioNet, Inc., essentially had no process at all for securely managing electronic protected health [...]
By Pedro Hernandez | Posted April 20, 2017 Dell recently commissioned Dimensional Research to look into the data security habits of over 2,600 professionals in eight countries, including the United States and Canada. Although participants worked for organizations with 250 employees or more – squarely in the 'midsized' part of the small and midsized business (SMB) category [...]
In light of recent healthcare ransomware attacks, HHS created a fact sheet to help covered entities keep ePHI secure and follow HIPAA regulations. Conducting a risk analysis, regular user training, and maintaining an overall contingency plan are just a few of the recommendations from the Department of Health and Human Services (HHS) in its recent [...]
Almost two-thirds of states have passed a new student privacy law in the past 3 years A new analysis from the Data Quality Campaign shows more and more states are taking steps to ensure student privacy through legislation. During the past three years, every state but Vermont has introduced at least one bill and 36 [...]
Quick question: How does parting with nearly a hundred grand because of lax PC security sound to you? According to new research from Kaspersky Lab, small business owners can now add the high cost of a ransomware attack to the litany of reasons why they should protect themselves against this particularly nasty form of malware. [...]
Monitoring endpoint security and having outside companies conduct risk assessments are key steps to prepare against healthcare cybersecurity threats. As more healthcare ransomware cases are reported, it becomes even more apparent that organizations of all sizes can no longer assume that they will never be a target of a healthcare cybersecurity attack. Covered entities must [...]
Servers, like home furnaces, are critical pieces of infrastructure that should work without issue for many years. But eventually they will start struggling, maybe rattling a bit or not working as efficiently as they once did. They might limp along for a while, but one sad day, they go dark. Maybe it’s a quick component [...]
