HIPAA Blog
Security Awareness Training – Time to Jump on the Bandwagon
Human-error; we talk about it all the time, but what exactly do we mean? Human-error occurs when an individual performs a task or does something with an unintended outcome. It’s easy to point the finger at employee’s as being an organization’s weakest link, but without appropriate security awareness training provided by the employer, how can …
The post Security Awareness Training – Time to Jump on the Bandwagon appeared first on HIPAA Secure Now!.
HHS’ OCR proposes HIPAA change to share settlements of data breaches with victims
The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) is planning to issue an advance notice of proposed rulemaking this November that could be a major game changer for HIPAA breach settlements. According to the Data Protection Report, the OCR plans to get the public’s input on a policy change …
The post HHS’ OCR proposes HIPAA change to share settlements of data breaches with victims appeared first on HIPAA Secure Now!.
Insiders to Blame for Poor Cybersecurity in Healthcare
It comes as no surprise that the healthcare industry is a prime target for cybercriminals. Since it’s easy to recognize the potential profit in stealing Protected Health Information (PHI), it is crucial to know and understand the potential security threats that exist, including threats from the inside. Verizon found in their 2018 Protected Health Information …
The post Insiders to Blame for Poor Cybersecurity in Healthcare appeared first on HIPAA Secure Now!.
Two San Francisco Hospitals Suffer Breach of Patient Data
According to the San Francisco Public Health Department, nearly 900 patients at two San Francisco hospitals had their personal information breached. On Friday, the Department stated that the breach occurred at San Francisco General and Laguna Honda hospitals when a former employee of one of the hospitals’ vendors gained unauthorized accessed the patient data. An …
The post Two San Francisco Hospitals Suffer Breach of Patient Data appeared first on HIPAA Secure Now!.
OCR Cyber Security Newsletter: Risk Analyses vs. Gap Analyses – What is the difference?
April 2018 OCR Cyber Security Newsletter Risk Analyses vs. Gap Analyses – What is the difference? The Health Insurance Portability and Accountability Act (HIPAA) Privacy, Security and Breach Notification Rules require covered entities and their business associates to safeguard electronic protected health information (ePHI) through reasonable and appropriate security measures. One of these measures required …
The post OCR Cyber Security Newsletter: Risk Analyses vs. Gap Analyses – What is the difference? appeared first on HIPAA Secure Now!.
Mitigating Insider Threats in Healthcare
It is no secret that healthcare data breaches are on the rise. While we often hear about hackers targeting the healthcare industry, you may be surprised to learn that more healthcare data breaches are caused by insiders than hackers! In their recent Protected Health Information Data Breach Report, Verizon has found that 58% of all …
The post Mitigating Insider Threats in Healthcare appeared first on HIPAA Secure Now!.
Why SMEs and SMBs Fail After A Cyberattack
Malicious cyberattacks are increasing every day around the globe. In fact, cyber-incidents nearly doubled from 82,000 incidents in 2016, to 159,700 in 2017. While the media often depicts large corporations as the primary target for cyberattacks, small business are just as likely – if not more likely to be targeted. An article on CSO looks …
The post Why SMEs and SMBs Fail After A Cyberattack appeared first on HIPAA Secure Now!.
Effective Security Training Requires Change in Employee Behavior
Many organizations spend countless hours and resources on training their employees, only to find that their business has suffered a data breach caused by human error. Despite the quality and frequency of a security awareness training program, if employees are not engaged in training or feeling a sense of motivation to protect their organization, …
The post Effective Security Training Requires Change in Employee Behavior appeared first on HIPAA Secure Now!.
You Received a Letter from OCR, Now What?
This article was written by Matt Fisher and originally appeared on the Mirick O’Connell Health Law Blog. It is published here with permission. At some point in time most group practices, hospitals or other provider organizations will receive a letter from the Office for Civil Rights (“OCR”). The letter will state that OCR received a …
The post You Received a Letter from OCR, Now What? appeared first on HIPAA Secure Now!.
Federal Trade Commission Warns of Fake Invoice Phishing Scams
Phishing has become a common threat faced by organizations in today’s digital era. While cybercriminals are enhancing their tactics to make their attempts seem more legitimate, they continue to recycle old scams, making only minor changes to trick their victims. An old phishing attempt has recently started resurfacing where scammers pose as a well-known tech …
The post Federal Trade Commission Warns of Fake Invoice Phishing Scams appeared first on HIPAA Secure Now!.