A recent report from Proofpoint provides insights into the most common attacks faced by healthcare organizations. To help better understand the evolving cyberthreat landscape, the report analyzed a year of cyberattacks against healthcare providers, pharmaceutical and life sciences organizations, and health insurers between 2018 and 2019. One key trend noted throughout the report suggests that today’s cyberattacks...
Category: HIPAA Compliance
HHS Notice Regarding Individuals’ Right of Access to Health Records
On January 28, 2020, the Department of Health and Human Services (HHS) released a notice regarding legislative modifications made to the HIPAA Omnibus Final Rule of 2013. The announcement was about a final rule published by HHS on January 25, 2013, entitled “Modifications to the HIPAA Privacy, Security, and Enforcement Rules Under the Health Information Technology for...
BULLETIN: HIPAA Privacy and Novel Coronavirus
In light of the Novel Coronavirus (2019-nCoV) outbreak, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) is providing this bulletin to ensure that HIPAA covered entities and their business associates are aware of the ways that patient information may be shared under the HIPAA Privacy Rule in...
Emergency Directive to Mitigate Windows Vulnerabilities
The US Department of Health and Human Services just released an emergency directive to notify the Health and Public Health Sector of significant vulnerabilities identified in the Microsoft Windows Operating Systems. The Cybersecurity and Infrastructure Security Agency (CISA) has determined the weaknesses pose an unacceptable threat to the Federal enterprise and require immediate action. They...
Protect Your Organization from Cyberterrorism!
Cyberterrorism is on the rise, and this includes phishing attacks. According to a recent report from Verizon, 90% of all data breaches are linked to phishing attacks. With the average cost of a successful phishing attack for a medium-sized business totalling $1.6 million, it is critical to ensure employees are educated on how to identify...
Tis the Season for Phishing
As the holiday season draws near, MedSafe urges healthcare organizations and employees to be aware of online scams. Phishing attacks are on the rise with the highest rates since 2016, according to the Phishing Activity Trends Report. What is Phishing? The Federal Trade Commission (FTC) defines phishing as a type of fraudulent communication that targets...
Is Texting HIPAA Compliant?
Is texting HIPAA compliant? The answer to this question is not as simple as it may seem. With more and more medical professionals relying on their personal mobile devices for communication, texting has become a significant challenge for healthcare organizations nationwide. Whether or not texting is HIPAA compliant largely depends upon what is texted, who...
10 HIPAA Breach Costs Healthcare Organizations Should Be Aware Of
HIPAA breaches can cost healthcare organizations millions. Healthcare data breaches typically cost more than data breaches in any other industry. In fact, the average cost of a healthcare data breach in the United States is $15 million. The 2018 Cost of a Data Breach Report from IBM and Ponemon Institute found that the average healthcare...
Understanding HIPAA Right of Access- A Patient’s Right to Access their Medical Records
According to a recent study, there has been widespread noncompliance with the HIPAA right of access. In fact, more than half of the providers that were assessed in this report were either not fully compliant with the HIPAA law or it took...
What is Considered PHI Under HIPAA?
PHI stands for Protected Health Information. According to the HIPAA Privacy Rule, protected health information is identifiable information related to the present, past, or future health status of a patient. It includes all personal health information that is created, collected, transmitted or maintained by a HIPAA-covered entity concerning the provision of healthcare or payment for...