Cybersecurity Best Practices: Endpoint Protection Systems

Because medical practices and the business associates that serve them handle protected health information (PHI) regularly, precautions must be taken to safeguard sensitive information. The Department of Health and Human Services (HHS) recommends ten practices that all organizations handling PHI must implement. Today, we examine endpoint protection systems. What is Endpoint Protection? While it may sound technical, an endpoint is simply any [...]

2023-04-06T13:57:58-04:00October 7th, 2022|

Email Protection Systems: What Do They Mean for Your Organization

October is Cybersecurity Month, making it an excellent time to look at what you’re doing to protect the data in your care. To guide you in this process, the Department of Health and Human Services (HHS) recommends ten practices that anyone handling ePHI needs to implement. The first recommended practice is email protection systems. What Are Email Protection Systems? Email protection systems [...]

2023-04-06T13:57:58-04:00October 5th, 2022|

Another Delay Sought for Cures Act Information Blocking Rule

With an October 6, 2022 deadline looming, a group of hospitals and medical associations is making a last-minute plea for HHS to delay the implementation of the 21st Century Cures Act Information Blocking Rule for one more year. Passed as part of the 21st Century Cures Act in 2016, the rule is intended to encourage innovation in medical research and expand patients' [...]

2023-04-06T13:57:59-04:00September 30th, 2022|

Are You Using a HIPAA Compliant FTP Server?

An FTP or File Transfer Protocol server is a standard communication protocol used to transfer files between computer systems. However, not all FTP servers are created equally. Some are HIPAA compliant, while others are not. When using an FTP server to send files containing patient protected health information (PHI), it is essential that the product you are using is HIPAA compliant. Are you using a HIPAA [...]

2023-04-06T13:58:53-04:00August 12th, 2022|

Is MyFax HIPAA Compliant?

MyFax offers internet fax solutions, allowing users to send faxes online, by email, or from their phones. There are many benefits to using services such as MyFax rather than using traditional faxes, mainly privacy and security. However, as a business working in healthcare, you must consider whether or not a service is HIPAA compliant before choosing which electronic fax provider to use. So, is MyFax HIPAA [...]

2023-04-06T14:00:47-04:00October 29th, 2021|

Health Data Security Compromised by Third-party Apps

A new report published by Approov uncovered major cybersecurity flaws in third-party health apps that populate patient data from electronic health record systems. Through research conducted by cybersecurity analyst Alissa Knight, it was found that the health data security of many of these apps are flawed, putting the patients that use them at risk. Report Uncovers Major Vulnerabilities The Fast Healthcare Interoperability [...]

2023-04-06T14:00:49-04:00October 20th, 2021|

ePHI Security Emphasized in HHS Summer Newsletter

Although the HHS has long stressed the importance of ePHI security, with the influx of healthcare breaches, it is clear that many organizations have not heeded the warning. With an increase in breaches across all industries, cybersecurity has become the focus of many government agencies including the HHS. Earlier this month the HHS published its “Summer 2021 Cybersecurity Newsletter” further emphasizing the importance of information access [...]

2023-04-06T14:01:04-04:00July 30th, 2021|

EHR Breach Affects 219K Patients

In September, Nebraska Medicine reported that it had suffered a cyberattack targeting its electronic health records (EHR) system. More details on this healthcare cyber attack and EHR data breach are discussed.  Nebraska Medicine EHR Breach On September 20, 2020, Nebraska Medicine discovered that its networks and servers had been compromised when patient files were unable to be accessed. It quickly became evident that [...]

2023-04-06T14:02:04-04:00February 17th, 2021|

Remote Workers and HIPAA: How You Can Keep Your Healthcare Business Secure

With more and more remote workers in the healthcare space, PHI security should be a top concern. A recent survey determined that 44% of employees are currently working from home, with several employers expecting workers to continue to work remotely permanently. So what does this mean for cybersecurity and HIPAA compliance? To provide healthcare organizations with guidance, remote workers and HIPAA is discussed. Remote Workers and HIPAA: Data [...]

2023-04-06T14:02:12-04:00February 1st, 2021|

640k Patients Affected By Hendrick Health Breach

On January 15, Hendrick Health System began notifying 640,436 patients of a cybersecurity threat that compromised their data. More details on the incident are discussed below. What Caused the Hendrick Health Breach? On November 20 Hendrick Health System discovered that they had suffered a cyberattack that potentially compromised protected health information (PHI). Upon discovery, Hendrick Health system notified law enforcement of the incident, and launched an investigation. [...]

2023-04-06T14:02:17-04:00January 25th, 2021|