Security Risk Management

HIPAA Rules Regarding Ransomware

July 20, 2016
Marc Quibell
Application Security, Breaches, Healthcare Security, HIPAA, Incident Response, Security Risk Management, Uncategorized
0 Comments

Ransomware is a huge issue today, across the globe, and throughout all industries. It is an ever-evolving threat as it morphs from one form to another, constantly chasing revenue streams as mitigating techniques lag behind. For HIPAA and Covered Entities,…

Fighting Back Against Ransomware

March 29, 2016
Redspin
Breaches, Healthcare Security, HIPAA, Incident Response, Penetration Testing, Security Risk Management, Social Engineering
0 Comments

Ransomware is not a new cybersecurity threat; it has been around for over a decade. But the growing sophistication of this malicious scheme and increasing frequency of attacks have security professionals and law enforcement concerned. In 2015, the FBI issued…

Healthcare Information Security/Management is More Than Just HIPAA Compliance

February 24, 2016
Marc Quibell
Breaches, Healthcare Security, HIPAA, Security Risk Management
1 Comment

Data security and HIPAA compliance at healthcare organizations around the nation have traditionally focused on one thing: protecting systems that contain and/or process patient information. Today’s headlines continually focus on security breaches that consist solely of patient information losses. Recently…

What Do 60 Minutes and the NSA Have in Common?

On November 20th, Adm. Michael Rogers, Deputy Director of the NSA and head of the US Cyber Command, testified before the House Intelligence Committee that China and "one or two other countries" had the capability to launch cyber attacks on the U.S. that could shut down the electrical grid and other critical infrastructure systems.

Helpful Reminders About HIPAA Security Risk Analysis

October 21, 2014
Redspin
Healthcare Security, HIPAA, Main, Security Risk Management
1 Comment

If protecting the integrity of patient health care information were not already sufficient incentive to improve IT security, being HIPAA compliant has perks.

4 Things You Should Know About Social Engineering

October 16, 2014
Redspin
Security Risk Management, Social Engineering
0 Comments

The biggest social engineering threat to organizations is not a specific type of scam, but a general lack of employee awareness.

The Risks of a HIPAA Security Risk Analysis

July 8, 2014
Redspin
Healthcare Security, HIPAA, Main, Security Risk Management
1 Comment

The risk of a HIPAA risk analysis is in not selecting the right team for the job.

Why Risk an Incomplete HIPAA Risk Assessment?

February 27, 2014
Redspin
Healthcare Security, HIPAA, Main, Security Risk Management
1 Comment

Covered entities and their business associates must conduct periodic HIPAA risk assessments (aka: HIPAA risk analysis) under the HIPAA Security Rule and Omnibus Final Rule. For eligible covered entities, a HIPAA risk assessment is also a core requirement of their…

The Biggest Oversight in HIPAA Security Risk Assessments – Security!

January 23, 2014
Redspin
Healthcare Security, HIPAA, Main, Security Risk Management
0 Comments

There are many HIPAA consultants, law firms, software companies, cloud service providers, and others who will happily provide you with a quote for a HIPAA security risk analysis. Neither the HIPAA Security Rule nor the respective references in Meaningful Use…

The ROI of Business Associate Security Risk Management

November 28, 2012
Redspin
Healthcare Security, HIPAA, Main, Security Risk Management
0 Comments

Redspin now offers a Business Associate Risk Analysis service that helps hospitals and other covered entities understand where their highest BA risk lies so that they can take preventive measures and/or implement contingency plans to mitigate that risk.

IT Security Blog