Channel: SecurityMetrics Blog
Browsing all 384 articles

Stop Looking for a PCI Mobile Standard

Mobile devices were never designed for secure payment processing. By: Gary Glover. This article was also featured in The Green Sheet. Blaming the PCI Council for the industry’s confusion over mobile...

Are HTTP Websites Insecure?

HTTP vs. HTTPS: One little letter can make a lot of difference. By: Brand Barney. If you’ve never paid attention to the browser URL while surfing the Internet, today is the day to start. At the prefix of...

Balancing Mobile Convenience and PHI Security

Smartphone and tablet users must have certain security precautions in place. By: Gary Glover. This article was also featured in For the Record: “Take Steps to Ensure Mobile Device Security.” Managing...

Are Patient Sign-In Sheets HIPAA Compliant?

Should you even take the risk? By: Tod Ferran. My stance on patient sign-in sheets is that unless there is a valid business reason for having them, don’t do it. In all the healthcare audits I’ve...

Current Hacking Trends: Remote Access

How you can avoid being the next victim. This article is an excerpt from our ebook, Current Hacking Trends. To download your free copy of the complete ebook, click here. The recent outbreak of highly...

HIPAA Compliance: What to Expect With Upcoming HHS Audits

OCR enforcement will find many HIPAA violations among physician practices. By: Tod Ferran. Have you been notified yet? Phase 2 of the HHS/OCR audits is happening this year. In addition to the...

Help Benchmark the Healthcare Industry’s Security and Compliance

A survey for single hospital systems and other covered entities. Tons of research has been done in the healthcare industry. Some research has been done on HIPAA. But virtually no research has been done...

Unencrypted Data: A Security Plague

A look inside the widespread storage of payment card data. By: Gary Glover. This article was also featured in the 2014 HITEC Special Report. I have a few major concerns for payment security at the...

Everyone is Not Created Equal in Healthcare

Role-based access is crucial for PHI security. By: Tod Ferran. Everyone has his or her own role at an organization. The receptionist checks patients in. The nurse takes blood pressure. The physician...

Security Blunder Case Studies

These three businesses had no idea it was coming. By: David Ellis. This article was also featured in Multi-Unit Franchisee: “Prevent Hacking Horror Stories.” We hear hacking horror stories every day....

What To Do If Your Business Is Hacked

If your organization is compromised, you’re not powerless. By: Brand Barney. Small businesses are the target of many compromises. In fact, according to Symantec, cyber attacks on small businesses rose...

You Can’t Hide Behind a Business Associate Agreement

What it really means to maintain BA HIPAA compliance. By: Tod Ferran. This article was also featured in HITECH Answers. During the last few months of auditing various HIPAA environments, I’ve seen three...

Cross-Site Scripting, Explained

One of the most common website attacks that most businesses have never heard of. By: Brand Barney. Cross-site scripting (also known as XSS) allows bad guys to embed malicious code into a legitimate (but...

5 Things You Should Know About Minimum Necessary PHI

“All this is on a strictly need-to-know basis. As in, nobody else needs to know.” –Kami Garcia. By: Tod Ferran. There aren’t many times in life where you can get away with doing the bare minimum. PHI is...

PCI Compliance Scanning Requirements

Vulnerability scanning, the easiest way to predict how hackers might get into your system. By: Brand Barney. Did you know there’s an easy way to identify and predict how hackers might get into your...

Shellshock: Be Wary, But Don’t Panic

Hundreds of millions are vulnerable. The question is, how many are actually exploitable? On September 24, a new bug was reported that you may have heard about. Shellshock, also known as the Bash Bug,...

HIMSS Privacy and Security Forum Takeaways

A successful security program is all about managing risk. By: Tod Ferran. I had the opportunity to attend the Healthcare IT News/HIMSS Media Privacy & Security Forum in Boston. The speakers presented...

5 Most Bizarre HIPAA Breaches of 2013

Learn simple security protocols to protect patient data. This article is an excerpt from our ebook, 5 Most Bizarre HIPAA Breaches. Download your free copy of the complete ebook. As one of the industry’s...

7 Hearty Tips to Avoid Costly Data Breaches

Deterring hackers with simple security precautions. By: Brand Barney. Small to midsize merchants often trust that their modest size will allow them to slip below hacker radar. Sadly, trends show hackers...

You May Not Be Done With Your HIPAA Requirements

Understand HIPAA Privacy and Security Rules, and how they apply to your organization. By: Tod Ferran. When you think about Health Insurance Portability and Accountability Act (HIPAA) compliance, you may...
