If you missed our first HITRUST Certification Essentials webinar, no worries. I’ll recap some of the webinar highlights as well as a few of the key questions asked by our audience of healthcare professionals.
Hollywood builds a picture of what a typical hacker looks like – sitting in a dark basement surrounded by computers. The modern hacker is savvier and takes a different approach. They’re out in public and probably dressed similarly to you.
Today, we explore these threats and share three examples of techniques that are on the rise, as well as ways that you can stop human-manipulation attacks.
My colleague, Edward Henry from Princeton Healthcare System, and I had a great time talking with the audience at NJ/DVHIMSS last month. Our topic seemed to have struck a chord and the questions and reactions after the session have reinforced the need for business impact analysis in our healthcare organizations.
Today, covered entities and business associates are addressing a wide range of regulatory requirements necessary to solve the growing complexities in the healthcare industry. Evolving technologies, migration to the cloud and cyber threats like ransomware are just a few top-of-mind issues. Combine those with regulations under HIPAA, Meaningful Use, PCI, COBIT and ISO, and you will find that covered entities and business associates need a way to more effectively manage their security programs.
After a two-year-long investigation into the theft of an unencrypted smartphone with no password protection, the Department of Health and Human Services' Office for Civil Rights (OCR) announced the first-ever Business Associate HIPAA penalty. Catholic Health Care Services (CHCS) of the Archdiocese of Philadelphia was hit with a $650,000 penalty for the potential exposure of 412 patients’ information at six Philadelphia-area nursing homes back in 2014. OCR shared that data on the stolen employee-issued smartphone "was extensive, and included Social Security numbers, information regarding diagnosis and treatment, medical procedures, names of family members and legal guardians, and medication information."