HIPAA law is a complex world of “dos,” “don’ts,” and grey areas. You know HIPAA training is required by law, but you may feel unsure exactly how and when you’re supposed to train your staff. What makes it worse is that many vendors mislead HIPAA-covered companies in...
Because healthcare organizations hold a wealth of sensitive information, they’ve been prime targets of phishing attacks for years. In a 2018 report by Merlin International, 62% of respondents (healthcare organizations) had experienced a cyberattack in the last year,...
As a HIPAA compliance professional, it can seem like you’re running from one disaster to the next. You’re so busy putting out “fires” all day that you barely have time to work on your HIPAA compliance program before another ember ignites. It seems you only have time...
In 2012-2013, the University of Texas MD Anderson Cancer Center had three data breaches involving unencrypted devices. An unencrypted laptop had been stolen from an employee’s home, and they had lost two unencrypted USB thumb drives. These incidents compromised the...
An employee complains about having to change their password yet again. After minutes spent crafting the new password, they jot it down on a sticky note and stick it to their monitor. Sound familiar? Creating and remembering complex passwords is the bane of healthcare...