The Importance of Effective Incident Response
With cybersecurity threats continuously evolving, having a strong incident response (IR) plan is crucial for businesses of all… Continue reading The Importance of Effective Incident Response
Category Archives: HIPAA
HHS Office for Civil Rights Announces the Release of the Security Risk Assessment (SRA) Tool
Following up on a settlement yesterday that was HHS’s first enforcement action under OCR’s Risk Analysis Initiative, HHS OCR today released a security risk assessment tool. Here is their statement about it: Today, the U.S. Department of Health a… Continue reading HHS Office for Civil Rights Announces the Release of the Security Risk Assessment (SRA) Tool
Summit Pathology Laboratories notified 1.8 million patients of a breach. Less than 48 hours later, they were sued.
On October 18, Summit Pathology and Summit Pathology Laboratories (“Summit”) in Colorado notified HHS of a breach affecting 1,813,538 patients. By October 21, personal injury law firms started reporting on the breach and recruiting potentia… Continue reading Summit Pathology Laboratories notified 1.8 million patients of a breach. Less than 48 hours later, they were sued.
How to Set Up a VoIP Call Center on Time, Under Budget
Learn my seven-step foolproof process for setting up a VoIP call center as fast as possible without breaking the bank or settling for less. Continue reading How to Set Up a VoIP Call Center on Time, Under Budget
Need HIPAA Compliant VoIP? Make Sure You Have a Signed BAA
If your business or job role involves handling patient information, you likely have to meet or surpass HIPAA requirements. We’ll walk you through the process of ensuring you’re using HIPAA compliant VoIP. Continue reading Need HIPAA Compliant VoIP? Make Sure You Have a Signed BAA
How does a pentesting engagement change under HIPAA?
I am a intermediate pentester who will soon be conducting a engagement with a hospice. This is my first engagement with a network where HIPAA is involved, and I am researching how this may affect my statement of work. My research so far ha… Continue reading How does a pentesting engagement change under HIPAA?
HHS OCR: Covered entities affected by the Change Healthcare breach may delegate tasks of providing HIPAA breach notifications to Change Healthcare
May 31 – Today, the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) published an update to the frequently asked questions (FAQs) webpage concerning the Change Healthcare cybersecurity incident. The webpage, first… Continue reading HHS OCR: Covered entities affected by the Change Healthcare breach may delegate tasks of providing HIPAA breach notifications to Change Healthcare
United Urology Group appears to be a victim of a ransomware attack; some patient data already leaked
United Urology Group describes itself as a national network of urology specialists with corporate headquarters in Maryland. Their network includes Arizona Urology Specialists Phoenix, Arizona Urology Specialists Tucson, Chesapeake Urology, Colorado Uro… Continue reading United Urology Group appears to be a victim of a ransomware attack; some patient data already leaked
100 Groups Urge Feds to Put UHG on Hook for Breach Notices
Marianne Kolbasuk McGee reports: More than 100 medical associations and industry groups representing tens of thousands of U.S. doctors and healthcare professionals have banded together to urge federal regulators to hold Change Healthcare responsible fo… Continue reading 100 Groups Urge Feds to Put UHG on Hook for Breach Notices
Guthrie Lourdes Hospital still struggling with effects of Ascension cyberattack
Phoebe Taylor-Vuolo, Report for America corps member, reports: Guthrie Lourdes Hospital in Binghamton continues to feel the impact of a recent cyberattack on Ascension, its former parent organization. Ascension said it was hit with a ransomware attack … Continue reading Guthrie Lourdes Hospital still struggling with effects of Ascension cyberattack