Sign in

News and Toolkit Updates

1

Recent breach shows importance of BA agreements

Carefully managing your Business Associates (BA) agreements is important. At PrivaPlan we can’t emphasize that enough. The following story illustrates why. As if going to the dentist doesn’t cause enough anxiety, last week 4300 dental patients learned that their personal records may have been compromised. Massachusetts General Hospital (MGH) in Boston contacted the patients about…

From the PrivaPlan Blog

1

Health Sector Cybersecurity Coordination Center opens

The Health Sector Cybersecurity Coordination Center underscores HHS’ commitment to support and improve the health sector’s cybersecurity defenses. 

2

PrivaPlan advises rural health care staff to train, train and retrain

Train, train and retrain is at the top of PrivaPlan’s list of practical solutions for being HIPAA compliant.

3

PrivaPlan HIPAA Certification Program promotes culture of compliance

PrivaPlan’s HIPAA Certification Program is giving healthcare professionals access to what had once been next to impossible to find: a one-stop shop to become a certified HIPAA expert.

4

HHS waives HIPAA sanctions and penalties for hurricane-affected hospitals

As Hurricane Florence continues its destructive path, hospitals affected by the storm have been given the go ahead to break certain provisions of the HIPAA Privacy Rule.

5

Verizon’s 2018 Data Breach Investigations Report Shows Healthcare Suffers Most Breaches

Can you hear me now? Verizon reports that the healthcare industry had more breaches than any other industry in 2017. In the recently released 2018 Data Breach Investigations Report (DBIR) by Verizon, Personally Identifiable Information and Protected Health Information were shown to be the most common types of data compromised overall, even more than payment…

6

Judge rules in favor of OCR, orders cancer center to pay $4.3 for HIPAA violations 

A HHS Administrative Law Judge has ruled that MD Anderson violated HIPAA and is requiring the Texas cancer center to pay $4.3 million in penalties to the OCR. 

7

World’s worst criminal phishing botnet gets trickier

The notorious Necurs botnet has upped its crime game by adopting a retro trick to make itself more evasive and less likely to having its phishing intercepted by your filters.

8

Hacking group targets healthcare industry worldwide

Cybersecurity firm Symantec announced this week that a hacking group called Orangeworm appears to have been targeting the healthcare industry in the United States, Europe, and Asia.

9

Vendor email attachments could be phishing bait

One of the latest reported email phishing schemes is very hard to beat and it always includes an attachment. What can you do about it?

10

HIMSS survey shows significant security incidents

The annual HIMSS cybersecurity survey released March 8 revealed that nearly 76 percent of health information security professionals believe their organizations experienced a significant security incident in the past 12 months.

11

Latest phishing scams target payroll direct deposits

Scammers are cashing in on company paydays much to the chagrin of employees who had a lapse in judgment and shared their log-in credentials. Warn your employees NOW about this latest phishing scam involving payroll portals.

12

W-2 phishing season is here…again

As the tax season gets underway, you can bet that cyber criminals are doing their tax preparations for W-2 phishing; they’re preparing to dupe hundreds of payroll and HR departments into providing W-2 data on their employees.

13

Phishing scam exposes PHI of patients at Colorado Mental Health Institute

As the year comes to an end, there appears to be no end in sight for healthcare data hacks. An employee at the Colorado Mental Health Institute at Pueblo recently fell for a phishing scam that potentially exposed the PHI of 650 patients.

14

Will a Federal Data Security and Breach Notification Act finally get passed?

Three Democratic Senators re-introduced a Data Security and Breach Notification Act on Thursday that has failed to get legislative approval since 2015.

15

Protect your data: 10 tips for online shopping

The National Retail Foundation says that 78 million people plan to do online shopping on Cyber Monday. No doubt a good number of those will do that at work.

16

New HIPAA guidance released in opioid crisis

Responding to the opioid crisis, the OCR explains when and how healthcare providers can share a patient’s health information without violating HIPAA.

17

Our experts talk security with rural health care group

David Ginsberg talked about cyber security during one of the three sessions he led at the Colorado Rural Health Care Annual Rural Health Conference this week.

18

Expect phishing attacks to follow Equifax hack

With news that cyber criminals stole 143 million credit records in a hacking scandal at Equifax, highly targeted spear phishing attacks are expected.

19

Latest HIMSS cybersecurity report: threats rise, so does security

The August 2017 HIMSS Cybersecurity Report indicates that respondents are taking proactive steps to stay ahead of security threats.

20

A new cyber threat is also a HIPAA Security threat

Recent analysis of a new variant of what appeared to be ransomware turns out instead to be malicious software that erases files on computers.

21

Worldwide ransomware attack is on the move

A quickly spreading ransomware attack is hitting countries across the world, including the United States.

22

GOP data firm causes largest US voter data leak to date

Political data of 198 million US citizens was exposed after a marketing firm contracted by the Republican National Committee stored internal documents on a publicly accessible Amazon server.

23

New expiration for ABN form goes in effect June 21

CMS is implementing mandatory use of the revised ABN form on June 21 with the newly incorporated March 2020 expiration date.

24

Use extreme caution in WannaCry Ransomware Attack

The largest cyberattack in history is hitting the U.S. today. Last week, multiple countries around the world reported falling victim to the WannaCry ransomware attack. Numerous hospitals and healthcare information systems were impacted.

25

Google Docs used in latest phishing attack

A widespread phishing attack using Google Docs is currently hitting inboxes. This is a good time to be extra cautious about clicking links.