Social Engineering: Facing the Hacker in Your Midst


Hollywood builds a picture of what a typical hacker looks like – sitting in a dark basement surrounded by computers. The modern hacker is savvier and takes a different approach. They’re out in public and probably dressed similarly to you.

Today, we explore these threats and share three examples of techniques that are on the rise, as well as ways that you can stop human-manipulation attacks.

JP Larson, MS - Information Assurance and Security, SSCP

What Is HITRUST And How Can It Benefit Your Organization?


Today, covered entities and business associates are addressing a wide range of regulatory requirements necessary to solve the growing complexities in the healthcare industry. Evolving technologies, migration to the cloud and cyber threats like ransomware are just a few top-of-mind issues. Combine those with regulations under HIPAA, Meaningful Use, PCI, COBIT and ISO, and you will find that covered entities and business associates need a way to more effectively manage their security programs.


Business Associate’s Failure to Protect Patient PHI Leads to $650,000 HIPAA Penalty Just Weeks before Phase 2 HIPAA Audits Kick into High Gear… Coincidence? We Think Not.

After a two-year-long investigation into the theft of an unencrypted smartphone with no password protection, the Department of Health and Human Services' Office for Civil Rights (OCR) announced the first-ever Business Associate HIPAA penalty. Catholic Health Care Services (CHCS) of the Archdiocese of Philadelphia was hit with a $650,000 penalty for the potential exposure of 412 patients’ information at six Philadelphia-area nursing homes back in 2014. OCR shared that data on the stolen employee-issued smartphone "was extensive, and included Social Security numbers, information regarding diagnosis and treatment, medical procedures, names of family members and legal guardians, and medication information."

Pamela Hayduk