Learning from 2019’s Ransomware Epidemic

Learning from 2019’s Ransomware Epidemic

In 2019, 764 healthcare providers were hit with ransomware. These organizations temporarily or permanently lost their medical records, had to redirect patients or cancel non-emergency procedures, and some even closed their doors for good. According to an Emsisoft...
Myth vs. Fact: Security Risk Analysis

Myth vs. Fact: Security Risk Analysis

As a company that handles protected health information (PHI), HIPAA requires you to analyze how you manage risks to your PHI. This is known as a security risk analysis (SRA). The U.S. Department of Health and Human Services says risk analyses are vital to HIPAA...
Phishing: Don’t Take the Bait

Phishing: Don’t Take the Bait

Because healthcare organizations hold a wealth of sensitive information, they’ve been prime targets of phishing attacks for years. In a 2018 report by Merlin International, 62% of respondents (healthcare organizations) had experienced a cyberattack in the last year,...
Does HIPAA Require Encryption?

Does HIPAA Require Encryption?

In 2012-2013, the University of Texas MD Anderson Cancer Center had three data breaches involving unencrypted devices. An unencrypted laptop had been stolen from an employee’s home, and they had lost two unencrypted USB thumb drives. These incidents compromised the...