Blog Archives


Malware monster wins again!

Takeaways: The latest OCR resolution makes specific points on what OCR considers reasonable and appropriate technical safeguards of the Security Rule.  If you aren’t up to date with all of your software, it does matter very much once malware finds you. There are points in this latest OCR resolution that have been mentioned time and again. […]

Read More

And the hits just keep on coming!

Takeaways: Yet another notice that HIPAA enforcement and liability is not something to keep putting off until later.  The web of liability means it is no longer just yourself you have to worry about being caught up in audits or breaches. And the hits just keep on coming!  She says dripping with sarcasm….. If you […]

Read More

Russian Password Hack – Why Security Matters

Takeaways:  If you use the same user name and password for anything that has access to PHI and some other mundane website or service (even a small one) change it today.  In fact, make sure you change all your PHI passwords to something different.  If one is hacked, the others still have fighting chance. Security […]

Read More

Danger, Will Robinson!

Have you read the FBI Cyber Division warning to the healthcare industry?  There really isn’t anything surprising in there to many of us who work in the medical industry.  The report itself kind of acknowledges it will fall on deaf ears. Hence the title of this article because the catchphrase comes to mind when I […]

Read More

Add More To Your HIPAA Heartbleed Review List

Just as I mentioned in my earlier post on Heartbleed, there would be more to come.  Just hours after finishing that article I was reading the latest articles on the status of the situation.  This thing seems to get worse every day to many people.  I am not as shocked by the number of devices […]

Read More
Bite the Bullet

5 Tips to Just Get Your Risk Analysis Done

Doing a Security Risk Analysis is high on many lists right now.  Not only is it the number one thing OCR has defined as not being done properly, but it is also a required element for Meaningful Use attestation.  We have been getting a lot of traffic to our Risk Analysis Content page most likely […]

Read More

Breach Is Gonna Get You!

Gamblers spend years and fortunes trying to “beat the odds” often to no avail.  They know they are taking a major risk but they are looking for the big payoff.   If you are a numbers person, you boil things down to statistics or dollars and cents.  Those numbers help you make decisions based on […]

Read More
XP released

Does XP swan song affect your HIPAA compliance?

We started working with our clients on replacing XP machines in their technology plans in 2013. No one is surprised when we come calling for the last few they have installed in 2014.  They have been hearing we were removing them for a long time.  But, not everyone has had that much warning it seems. […]

Read More

Who is Phishing for your PHI?

An email arrives in your inbox tomorrow from someone working at one of the large insurance companies.  It tells you that someone has attempted to make changes to your information on their systems.  It is very specific because it uses your name and says they feel certain it was due to an attempted hack on […]

Read More

3 Reasons Businesses Covered by HIPAA Should Watch the Target Breach Carefully.

Things have been seriously chaotic around me for the last couple of months and my writing has taken a back seat.  For the first time in weeks I have a chance to sit down and write.  It feels great because there is so much going on that I have wanted to review.  Now, I must […]

Read More