The HIPAA Security Rule mandates that covered entities must conduct a security risk assessment or SRA. This includes health care plans for individuals, government plans (Medicare, Medicaid, Obamacare), and employer-sponsored plans. Providers that conduct electronic health care transactions must comply with the Security Rule. This means conducting an SRA. It is recommended that this occurs...
An Indirect Hit
The NHS, or National Health Service, is the publicly funded healthcare system for the United Kingdom. It is supported by Advanced, a managed service provider (MSP). Healthcare companies may outsource their IT departments to other companies to manage the cybersecurity and technical aspects of the business. This allows them to...
API Adoption and Healthcare
Healthcare faces threats from cybercriminal activity at rates that continue to rise. The patient data that they access and maintain is valuable on the dark web in more ways than one. It can be an access point for a greater breach and then used to manipulate or steal identities and attack...
Healthcare Breaches on the Rise
Don’t shy away from this headline: healthcare businesses cannot put their heads in the sand or look the other way when it comes to establishing a strong cybersecurity program. For many, the focus has been on HIPAA compliance. This consumes resources both in the workforce and funding. It has also...
Many people in healthcare make the incorrect assumption that their business won’t be a target for cybercriminals because they are “just a one-man show” or “aren’t part of a big network”. Neither way of thinking is wise, because when a cybercriminal is trying to compromise data or an entire network, every organization is valuable, and...
An astronomical increase of 450% would be a wonderful thing if we were talking about revenues or productivity. But when it comes to COVID-19 related phishing attacks, that percentage jump in attacks from 2019 to 2020 is staggering – and a serious issue that needs to be addressed. According to the ForgeRock 2021...
What is Phishing?
Phishing is the practice of imitating reputable companies to trick users into revealing personal or confidential information, which can then be used in a more illicit manner. This is done via a deceptive email or website, and often a combination of both. Spear phishing takes the manipulation one step...
The History
A trip into any card store or venture onto social media will alert or remind you that there is a holiday for nearly everything. Who got to decide that April 23rd was National Talk Like Shakespeare Day? Or that Squirrel Appreciation Day would fall on January 21st? Some of them might make you...
Bigger business, bigger problems, right? Not necessarily true when it comes to the cost of a cyberattack within the healthcare industry. A recently published survey brings unexpected results when it comes to comparing large and medium-sized businesses. Surprisingly, medium-sized businesses are hit with cyberattack costs that are nearly 4x that of their larger counterparts at...
As a person who works within the healthcare industry, understanding HIPAA is a necessity, even if that means knowing just the basic rules. These rules and regulations are complex and ever-changing so that they can keep up with the fluid landscape of healthcare, so unless you are an expert, it is unlikely that you know...