We wrote about LinkedIn having 6 million passwords stolen. eHarmony has also been a victim of 1.5 million passwords being stolen. The clear message here is that if these large websites can be victims of cyber-criminals, much smaller organizations stand little chance of defending their information. Both LinkedIn and eHarmony are well-funded companies that...
By now you may have heard about the 6 million passwords that were stolen from LinkedIn. The passwords were posted on a Russian online forum. The passwords were encrypted but through the use of password cracking programs many of the passwords have been cracked. An article over at IT security company Qualys goes into details...
There is a good article over at the Vormetric Security Blog that looks at restricting employee access to patient information. They argue that not all employees need full access and unless an employee can demonstrate that access is needed to perform their job function, no access to patient data should be given. The below paragraph...
There are many threats to patient information and financial resources, and one that seems to be popping up a lot lately is phishing scams. A phishing scam is basically an email that looks like a legitimate email from a bank, credit card company, retail store, or social network (Facebook, Twitter, LinkedIn, etc.). The email usually has...
We have written about the $100,000 HIPAA fine that was handed down to Phoenix Cardiac Surgery. There is a very good article at AISHealth that details the case and provides some good insight by industry professionals. One quote by well-respected HIPAA attorney Jeff Drummond really sheds light on what happens when you ignore compliance...
Many organizations are still using tapes to back up data. Those organizations that are still using backup tapes need to ensure that the tapes utilize encryption. Without encryption, a lost or stolen backup tape could result in a very large data breach. Best network practices call for performing a backup on all systems at least daily....
There should be no doubt that we are witnessing a changing landscape for healthcare IT. As the government gives billions of dollars in incentives to hospitals and medical practices to implement electronic health records, the repercussions are being heard around the country. Medical practices are going from low-tech businesses that focused on paper charts and very little...
In the Ponemon 2011 Cost of Data Breach Study, 41% of breaches were due to third-party mistakes. Take a step back and think about the impact of that number. The use of third-party organizations is more and more common. According to the HHS.gov website, some examples of third party / business associates include:...
The annual Ponemon 2011 Cost of Data Breach Study has been released and it gives very good insight. The study looks at various costs of data breaches across industries such as media, retail, financial, healthcare and pharmaceutical. Let’s focus in on the costs of data breaches in the healthcare industry. Overall the average cost of...
Part of the proposed requirements for Meaningful Use Stage 2 addresses encrypting data at rest. Let’s take a look at the exact wording: conduct or review a security risk analysis in accordance with the requirements under 45 CFR 164.308(a)(1), including addressing the encryption/security of data at rest in accordance with requirements under 45 CFR 164.312(a)(2)(iv)...