The US Department of Health and Human Services just released an emergency directive to notify the Health and Public Health Sector of significant vulnerabilities identified in the Microsoft Windows Operating Systems. The Cybersecurity and Infrastructure Security Agency (CISA) has determined the weaknesses pose an unacceptable threat to the Federal enterprise and require immediate action. They...
Cyberterrorism is on the rise, and this includes phishing attacks. According to a recent report from Verizon, 90% of all data breaches are linked to phishing attacks. With the average cost of a successful phishing attack for a medium-sized business totalling $1.6 million, it is critical to ensure employees are educated on how to identify...
As the holiday season draws near, MedSafe urges healthcare organizations and employees to be aware of online scams. Phishing attacks are on the rise with the highest rates since 2016, according to the Phishing Activity Trends Report. What is Phishing? The Federal Trade Commission (FTC) defines phishing as a type of fraudulent communication that targets...
Is texting HIPAA compliant? The answer to this question is not as simple as it may seem. With more and more medical professionals relying on their personal mobile devices for communication, texting has become a significant challenge for healthcare organizations nationwide. Whether or not texting is HIPAA compliant largely depends upon what is texted, who...
HIPAA Breaches can cost healthcare organizations millions. Healthcare data breaches typically cost more than data breaches in any other industry. In fact, the average cost of a healthcare data breach in the United States is $15 million. The 2018 Cost of a Data Breach Report from IBM and Ponemon Institute found that the average healthcare...
Understanding HIPAA Right of Access- A Patient’s Right to Access their Medical Records According to a recent study there has been widespread noncompliance with the HIPAA right of access. In fact, more than half of the providers that were assessed in this report were either not fully compliant with the HIPAA law or it took...
PHI stands for Protected Health Information. According to the HIPAA Privacy Rule, protected health information is identifiable information related to the present, past, or future health status of a patient. It includes all personal health information that is created, collected, transmitted or maintained by a HIPAA-covered entity concerning the provision of healthcare or payment for...
According to the Department of Health and Human Services (HHS), business associates of HIPAA covered entities may be held liable for noncompliance of certain HIPAA rules and requirements. HHS has provided the following list of HIPAA violations that business associates can be held fully liable. Penalties for HIPAA Violations by Business Associates HHS will be...
A recent report published by The Poneman Institute/IBM Security released a comprehensive analysis of data breaches reported in 2018. The report indicated that data breach costs have continued to increase, with healthcare organizations experiencing the costliest cases. Below are a few highlights from the report: The report also identified several factors that can reduce the...
The month of April proved to be a busy one for cyberterrorists, with reportedly more breaches than any previous month. The increasing rates of healthcare breaches continued in May, resulting in the exposure of almost 2 million individuals’ protected health information. So far this year, more than 6 million healthcare records have been exposed, which is more...
