Tag Archives: Cybersecurity

The Office of the National Coordinator Releases Guidance on Recent International Ransomware Campaign

With the news of the newest international ransomware campaign that is currently affecting some organizations within the Health Care sector, it is important to not only educate staff on necessary precautions, but also be aware of steps to take in the instance you are infected by a ransomware attack. The following information was distributed  today … Continue reading this entry

17 Measures Every Health Care Organization Should Consider to Reduce the Risk of Cyber-Intrusions

cybersecurity
The importance of privacy in the health care industry starts at the most basic level between a patient, a doctor, and the doctor’s laptop computer. The levels of importance and complexity increase exponentially when you look at entire networks of payers and providers. The amount of data produced and stored in these organizations is staggering … Continue reading this entry

Ransomware Reporting Requirements & New HHS Guidance

New York Office of the Medicaid Inspector General Releases 2014-2015 Work Plan
Ransomware is malicious software that denies access to data, usually by encrypting the data with a private encryption key that is only provided once a ransom is paid. Sometimes the ransomware will actually destroy, steal, or export data from information systems. Ransomware has become a significant threat to all U.S. businesses and individuals, and a … Continue reading this entry

Are You Effectively Training Employees in The Battle Against Ransomware?

No health care organization or provider is safe from ransomware threats, and a slew of recent noteworthy attacks have driven the point home. The results of an attack can be devastating to the organization, and hundreds of millions of dollars in damages have already been reported. Health care providers, particularly senior executives, officers, and directors, … Continue reading this entry

Phase 2 of HIPAA Compliance Audits Now Underway

The Office of Civil Rights (OCR) within the U.S. Department of Health and Human Services (DHHS) recently announced that it has initiated Phase 2 of its audit program to assess Covered Entities’ and Business Associate’s compliance with the Health Insurance Portability and Accountability Act (HIPAA) privacy, security, and breach notification rules (the HIPAA Audit Program). … Continue reading this entry

Top 3 Cybersecurity Misconceptions - Is Your Company at Risk?

Cybersecurity is an issue that should be top-of-mind for all companies. But there are three misconceptions about cybersecurity that can put companies at significant risk. In this video, Foley Partner Michael Overly discusses these misconceptions and how companies should change their views of and approaches to cybersecurity.… Continue reading this entry

Deconstructing Cyberinsurance Coverage: Lessons From the Travelers Case

The American Health Lawyers Association last week published an analysis of one of the first cases involving a cyber liability insurance policy. The e-alert is republished below. Please note that any further reproduction of this work requires the advance written permission of the American Health Lawyers Association. On May 11, the U.S. District Court for the … Continue reading this entry

Blue Pill/Red Pill: How Officers and Board Members Can Swallow the Red Pill and See the Real World of Cybersecurity

The answer is out there and it is looking for you. It will find you if you want it to. In the 1999 movie The Matrix, Morpheus gives Neo a simple choice: take the blue pill, and Neo can go on believing whatever he wants to believe. Take the red pill, and Neo stays in Wonderland and gets … Continue reading this entry

ONC Releases Updated Guide to Privacy and Security of Electronic Health Information

The Office of the National Coordinator for Health Information Technology (“ONC”) of the U.S. Department of Health and Human Services (“HHS”) recently released Version 2.0 of the Guide to Privacy and Security of Electronic Health Information (“Guide”). The Guide is a tool intended to assist providers as they work to comply with federal programs’ requirements … Continue reading this entry

Why the Health Care Industry Needs to Focus on Data-Flow Restrictions in China

mHealth
U.S. health care providers, device manufacturers, lab managers, health information technology and telemedicine/telehealth project investors, and other industry members involved in projects in China, need to be aware of a long and growing list of China-specific data-flow and content restrictions. These restrictions are increasingly concerning in light of the health care industry’s growing use of … Continue reading this entry

Phishing and Spear Phishing: Modern Methods Applied to Age-Old Social Engineering

It may surprise many who have observed the recent media attention of data breaches to learn that in the world of Cybersecurity, sometimes it’s the oldest attacks that find new life when they are applied in new ways. Phishing attacks, a form of social engineering where hackers try to trick their victims into revealing confidential information … Continue reading this entry

Taking Control of Cybersecurity: What Health Care Organizations Need to Know

Sony, Target, Westinghouse, Home Depot, U.S. Steel, Neiman Marcus, and the National Security Agency (NSA). The security breaches suffered by these and many other organizations, including most recently the consolidated attacks on banks around the world, combined with an 80 percent increase in attacks in just the last 12 months, have catapulted cybersecurity to the … Continue reading this entry