Compliance Tips

August 14, 2018   |   Ken Reiher

A Guide To The NIST Cybersecurity Framework

Cyberattacks. It’s rare to turn on the news without hearing about a major organization that has become the victim of an online assault. Unfortunately, much more cybercrime is taking place under the media’s radar, and large corporations and national governments aren’t the only targets. Local governments, small business and healthcare organizations are prime targets for attackers.

Keep reading...
July 12, 2018   |   Ken Reiher

Data Breach Litigation: What You Need to Know

As sensitive data breaches become increasingly commonplace, many individuals are seeking to hold breached organizations responsible for the violation of their privacy. As a result, class- action lawsuits have emerged as a popular trend in the world of data breach litigation. With the rapid increase in this type of legal action, healthcare organizations must take measures to prevent data breaches. The first step to prevention is understanding why class-action lawsuits are on the rise as a response to data breaches.

Keep reading...
April 3, 2018   |   Gerry Blass

Building Your Medical Device Cybersecurity Protocol

Medical device cybersecurity has become significantly more important in the age of digital health. There are essential actions health systems must take to protect themselves – and their patients. This blog offers 5 guidelines to evaluate and maintain your medical device cybersecurity.

Keep reading...
December 1, 2017   |   Ken Reiher

HIPAA and Social Media – The Need for Policies and Training

Healthcare organizations and their third party vendors have an obligation to the federal government and their patients to abide by the HIPAA regulations. Unfortunately the very foundation of social media opposes everything in relation to the privacy, security, and confidentiality of information. Social media allows for anyone to see your organizations information, at any time, in any part of the world.

Keep reading...
October 14, 2016   |   Gerry Blass

Have you tested your breach response process?

Adding a cybersecurity tactical simulation test to an overall information security risk assessment is a must in today’s world. It is a sure bet that attacks and breaches will continue to occur and so the need for functional assessments, mitigation, awareness and response are key to protecting your organizations confidential information.

Keep reading...
April 29, 2016   |   Ken Reiher

The Top Ten Things Your Organization Should Be Doing To Pass An Audit and Reduce Risk of a Breach

Imagine trying to come up with the top ten things our planet should do to decrease vulnerabilities and threats. Looking at earth from 30,000 feet can make that seem easier to do. But if we zoom in to the details we could probably come up with hundreds of things to consider. The same is true with health information privacy and security. To come up with what we consider to be the top ten things to do to pass an Office for Civil Rights (OCR) audits and reduce risk of unauthorized access to your protected health information (PHI), we had to zoom out and look at what we have observed over the past several years from a very high level. Our top ten things to do are not listed in any particular order. Keep in mind that our top ten today will most likely change very soon and at least year to year. Here they are:

Keep reading...