Archives

Pause To Consider: Workforce Targets

It’s no secret that the healthcare industry is highly susceptible to cyber-attacks. However, most executives don’t realize that many attacks are directed at what’s arguably an organization’s weakest link: its workforce. Workforce members and their user accounts are generally targeted via phishing attempts or brute force attacks. Pause to consider: How confident are you that… View Article

Read More ›
PAUSE TO CONSIDER: Vulnerability Threat Management

Vulnerability threat management [VTM] is a key fundamental for compliance with HIPAA.  Every healthcare organization should utilize VTM for foundational security management. To set your initiative up for success, pause to consider these essential factors: Are you performing authenticated or non-authenticated scans? Authenticated scans use authenticated user credentials to grant local access to the target… View Article

Read More ›
PAUSE TO CONSIDER: Evaluating Technologies

We often get so focused on individual tools, technologies, or processes that we don’t step back to evaluate the risk to the organization as a whole. Pause to consider these general questions to see if you’ve accounted for risk in your security program: Are you managing the risk of your connected medical devices? Medical devices… View Article

Read More ›
Pause To Consider: Business Associates

The HHS Office for Civil Rights (OCR) issued new documentation on May 24, 2019 specifying requirements and prohibitions for which Business Associates are directly liable. The OCR is authorized to take enforcement actions against Business Associates for ONLY 10 specific HIPAA violations.  Some of these violations may include failure to: Comply with Security Rule requirements… View Article

Read More ›