Healthcare Remains Top Target in 2022 ITRC Breach Report

At least 344 organizations in the healthcare industry suffered data breaches in 2022, according to a just-released report from the Identity Theft Research Center® (ITRC). This is the third consecutive year that healthcare organizations led all industries in the number of data compromises noted in the ITRC report. Healthcare organizations represented 19 percent of the 1,802 breaches reported in the 2022 ITRC [...]

2023-01-27T13:22:00-05:00January 25th, 2023|

HIPAA Compliant Cloud Storage: How to Pick the Right Solution

As an MSP working with healthcare clients, you must consider compliance. This is because there are several areas in which you can interact with patient data. This may include backups, fileshare platforms, hosted VoIP, or any other cloud apps that have access to client data. Your healthcare clients need to trust that you are using HIPAA compliant tools to manage their data, including the cloud storage [...]

2022-12-09T15:29:11-05:00December 9th, 2022|

Cybersecurity Response Plans and CIRCIA

In March 2022, President Joe Biden signed the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA). This new law will likely trigger changes to the cybersecurity response plans of many organizations. While there is not currently a standard to enforce, healthcare providers and the companies that provide support services to them will be affected by this new law.  CIRCIA Background [...]

2022-11-17T17:03:29-05:00November 14th, 2022|

Managing Security: Healthcare Cybersecurity Policies and Standards

Establishing a healthcare cybersecurity policy is important for multiple reasons. Cybersecurity policies create standards for your staff, enabling them to keep sensitive information private. HIPAA requires healthcare organizations to have policies and procedures that limit the use and disclosure of patient information, and to ensure that it is not accessed inappropriately. How to Create Your Healthcare Data Security Policy Cybersecurity policies provide [...]

2022-11-04T16:32:43-04:00November 4th, 2022|

Managing Technology: Medical Device Security

Managing your organization’s cybersecurity is complex. Many fail to account for medical device security, forgetting that these devices connect to the internet, making them vulnerable. Medical device security standards are essential to consider as part of your overall security strategy. Medical Device Security Standards Medical device security is imperative to safeguard protected health information (PHI) adequately. Many medical devices, such as MRI [...]

2022-11-04T16:32:43-04:00November 2nd, 2022|

HIPAA Cyber Incident Response Requirements

The HHS cybersecurity best practices serve as a guide healthcare organizations can adopt to improve their security posture. One of these best practices is security incident response.  HIPAA requires healthcare organizations to report security incidents to the Office for Civil Rights (OCR). HIPAA defines a security incident as “the attempted or successful unauthorized access, use, disclosure, modification, or destruction of information or [...]

2022-11-04T16:32:44-04:00October 31st, 2022|

HIPAA Vulnerability Management: Identifying and Addressing Security Gaps

Vulnerability management is a crucial part of any cybersecurity program and is one of the Department of Health and Human Services recommended cybersecurity best practices. Specific to healthcare, HIPAA vulnerability management refers to identifying risks to patient information and implementing measures that reduce the risk. What is HIPAA Vulnerability Management? HIPAA vulnerability management identifies possible risks in an organization’s network security.  This [...]

2022-10-28T16:04:41-04:00October 28th, 2022|

Healthcare Network Security: Network Management

One of the HHS cybersecurity best practices recommends that organizations implement network management processes to improve data security. Network security in healthcare is more important than ever. Healthcare organizations are vulnerable to hacking incidents when they fail to implement network security practices. What is Network Management? Network management is the process of securing and maintaining a network by implementing security practices. Healthcare [...]

2022-10-28T16:04:41-04:00October 26th, 2022|

Cybersecurity Best Practices: Healthcare Asset Management

As part of the practice of handling protected health information (PHI) during their regular duties, healthcare providers must take precautions to safeguard sensitive information. The Department of Health and Human Services (HHS) recommends ten practices that anyone handling PHI needs to implement, the fifth of which is healthcare asset management. What is Healthcare Asset Management?  Healthcare asset management, as HIPAA views it, [...]

2022-10-21T12:56:47-04:00October 21st, 2022|

The Hardest Healthcare Cybersecurity Vulnerability To Patch

As of September 23, 2022, the Cybersecurity and Infrastructure Security Agency (CISA) added 225 additional vulnerabilities to its Known Exploited Vulnerability Catalog, bringing the total to 834. These are software and operating systems vulnerabilities exploited by cybercriminals in real-world attacks. Patching healthcare cybersecurity vulnerabilities upon discovery is critical to maintaining the security and integrity of any network. But one type of vulnerability [...]

2022-10-14T15:54:20-04:00October 14th, 2022|