phi

hipaa violations

New HIPAA guidance

Yesterday, December 20th, 2021, the Office for Civil Rights issued new guidance under the Privacy Rule on disclosures of PHI for Extreme Risk Protection Orders (ERPO). Inevitably, this is going to get twisted and contorted by those on the right and the left, so let’s get to the actual ruling and define …


Log4Shell hack

Log4Shell the simplest of hacks

The simplest of hacks… Imagine being able to hack a server simply by pasting a block of text into a chat window. Well, that’s exactly what happened to the game Minecraft’s servers over the weekend. The newly discovered vulnerability is called Log4Shell and it exploits a previously unknown weakness in a common Java library used …


HIPAA Violations Tiers

HIPAA Violations – Twenty-Five Fines and Counting

Since 2019, the Office for Civil Rights (OCR), the HIPAA enforcement arm of the Department of Health and Human Services, has been enforcing violations of the rights of patients to have timely access to their medical records. Most recently they levied five fines against various organizations for violations of patients’ rights. …


fake email phishing

The Holiday Con

It’s that time of year, are you ready? Given the cyber-crime epidemic we are experiencing, it stands to reason this holiday season, historically a peak period for cyber crime, will see a considerable spike in scams. Here’s a list of the top scams to expect, and what to do about them. First on our list …


Zero Trust Network Security Configuration

Changing trust by default

Traditional trust-based networking is undergoing a massive paradigm shift, one that will affect you if it hasn’t already. If you think you’re losing your freedoms, nowhere will that be more evident than in your work environment. This stripping of your computing freedoms is caused by the ransomware and cybercrime epidemic costing US citizens billions of dollars annually. …


Cybersecurity Training Online

Cybersecurity Training and HIPAA

Which Employees Require HIPAA Training? The HIPAA Privacy Rule (45 CFR § 164.530) and the HIPAA Security Rule (45 CFR § 164.308) stipulate that training should be provided to all members of the workforce, not only the ones that have contact with ePHI or PHI. That means not only employees, but also agency staff, consultants, and …


EHR PHI Third party apps

Sharing PHI with Third Party Applications

The FTC has been warning third-party healthcare applications to tighten up their security, and that they are watching. This follows reports from the Ponemon Institute and the Verizon Data Breach Investigations Report highlighting that the healthcare sector experienced more breaches than any other sector. It also follows the massive 2018 data breach experienced by healthcare application MyFitnessPal that …


HIPAA Security Reminders

 

HIPAA Security Suite has developed a weekly HIPAA Security Reminder series that’s FREE for all of us who are responsible for, or engaged in, the use and protection of PHI.

Pursuant to Section 164.308(a)(5) of the HIPAA Security Rule, the Standard states: Implement a security awareness and training program for all members of its workforce (including management).

This standard is part of our Best Practices Recommendations for HIPAA Security Suite users, but it’s available for FREE to anyone who wants to comply with HIPAA using the easiest, best tools available.
