Search Posts

Category: News

Why You Need An Cyber-Education Plan!

Contact The IT Guys to start a routine, periodic education program for employees/users of any business-not just our HIPAA-Specific Training… Phishing fears cause workers to reject genuine business communications excerpt: Centers for Disease Control and Prevention (CDC) activated its Emergency Operations Center to assist public health partners in responding to COVID-19. Notifications about the pandemic are one example of messaging that some recipients fear to be phishing scams. (CDC) COVID-19 contact tracers are reportedly having difficulties alerting […]

10 Technologies for Grey Zone Conflicts

  Ten Technologies to Stop Grey Zone Attacks The report breaks grey zone attacks down into five categories: Deniable attacks: A cyber attack on utilities or drones attacking an airport Information attacks: Foreign election interference or false text message/email scams User of proxy force: Terrorist attacks on cities or infrastructure Economic coercion: An adversary purchasing and disabling a piece of infrastructure such as an oil refinery Territorial encroachment: Seizing a fishing lane or sovereign territory It also describes 10 […]

11 Minutes of What I Wish All My Customers Could Watch

Imagine your company hires a new employee and then everyone just ignores them, day in and day out, while they sit alone at their desk getting paid to do nothing. This situation actually happens all the time — when companies invest millions of dollars in new tech tools only to have frustrated employees disregard them, says Nadjia Yousif. In this fun and practical talk, she offers advice on how to better collaborate with the technologies […]

7 Steps to Becoming HIPAA Compliant

7 Steps to Becoming HIPAA Compliant 1 Develop and enforce policies and procedures. 2 Appoint or designate a HIPAA Compliance Officer. 3 Conduct effective employee and management training. 4 Establish effective channels of communication. 5 Conduct internal monitoring and auditing. 6 Respond to breaches and undertake corrective action. 7 Assess policies and procedures and amend as necessary. Call The IT Guys to get on track with compliance before you are hit with a multi-million dollar […]

Health Insurer Pays $6.85 Million to Settle Data Breach Affecting Over 10.4 Million People

“If large health insurance entities don’t invest the time and effort to identify their security vulnerabilities, be they technical or human, hackers surely will. This case vividly demonstrates the damage that results when hackers are allowed to roam undetected in a computer system for nearly nine months,” said Roger Severino, OCR Director.  September 25, 2020 Health Insurer Pays $6.85 Million to Settle Data Breach Affecting Over 10.4 Million People   Premera Blue Cross (PBC) has […]

HIPAA Business Associate Pays $2.3 Million to Settle Breach Affecting Protected Health Information of Over 6 million Individuals

September 23, 2020 CHSPSC LLC, (“CHSPSC”) has agreed to pay $2,300,000 to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) and to adopt a corrective action plan to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules related to a breach affecting over six million people. CHSPSC provides a variety of business associate services, including IT and health information management, to […]

Another Example of Woes from Not Updating

Windows Server Update Gets Serious: You Have The Weekend To Comply, Homeland Security Says excerpt: Windows security updates should always be taken seriously, of that there is no doubt. But when the U.S. Department of Homeland Security, Cybersecurity and Infrastructure Security Agency (CISA) issues an emergency directive for a perfect 10, critical, Windows Server vulnerability, the urgency meter goes off the scale. This is a vulnerability that could enable an attacker with network access to […]

Protecting Yourself from HHS/OCR Fines

September 15, 2020 HHS Security Risk Assessment Tool Version 3.2 and Webinar   SRA Tool Version 3.2 The Office for Civil Rights (OCR) and the Office of the National Coordinator for Health Information Technology (ONC) have released version 3.2 of the popular HHS Security Risk Assessment (SRA) Tool. This tool is designed to aid small and medium sized health care organizations in their efforts to assess security risks. The latest version of the SRA Tool […]

Being Attacked: What you should know BEFORE!

When every small to mid-size business should read! Excerpt: September 8, 2020 Cyber Alert: Technical Approaches to Uncovering and Remediating Malicious Activity OCR is sharing an update with our listserv from the Cybersecurity and Infrastructure Security Agency (CISA), highlighting technical approaches to uncovering malicious activity and implementing mitigation best practices. This resource provides information that can help organizations identify artifacts that could indicate potential malicious activity as well as actions organizations can take to recover […]

Next Page »