FBI Cyber Division Issues Warning to Medical and Dental Facilities to Secure “Anonymous” FTP Servers Containing PHI

March 29, 2017. The Cyber Division of the Federal Bureau of Investigation (FBI) on March 22, 2017, issued a Private Industry Notification entitled: “Cyber Criminals Targeting FTP Servers to Compromise Protected Health Information [PHI].” FTP servers mean File Transfer Protocol servers, with “U(FTP) a protocol widely used to transfer data between network hosts.” with “The anonymous extension of FTP allows a user to authenticate to the FTP server wia common username such as ‘anonymous’ or ‘ftp’ without submitting a password or by submitting a generic password or e-mail address.”

DO NOT DELAY TO CONDUCT OR UPDATE—AND DOCUMENT—YOUR HIPAA RISK ASSESSMENT!

March 27, 2017. Today, HealthITSecurity published an important empirical article entitled: “Preparing for an OCR HIPAA Risk Assessment Audit: Covered entities need to understand the basics of an OCR HIPAA risk assessment audit so they can have a smooth process and keep patient data secure.” The article describes the risk assessment endeavor undertaken by “Night Nurse, a 24-hour, 365 day per-year triage support and medical-home compliance provider,” focusing on the time required for a comprehensive HIPAA risk assessment that took “approximately one year” to complete three phases:

Categories



Archives

  • October 2017 (1)
  • August 2017 (3)
  • July 2017 (1)
  • June 2017 (7)
  • May 2017 (12)
  • April 2017 (10)
  • March 2017 (2)
  • February 2017 (3)
  • January 2017 (4)
  • December 2016 (4)
  • November 2016 (7)
  • October 2016 (7)
  • September 2016 (2)
  • August 2016 (1)
  • July 2016 (3)
  • June 2016 (1)
  • May 2016 (1)
  • April 2016 (8)
  • March 2016 (6)
  • February 2016 (2)
  • December 2015 (1)
  • November 2015 (1)
  • October 2015 (4)
  • September 2015 (1)
  • June 2015 (8)
  • May 2015 (3)
  • April 2015 (2)
  • March 2015 (1)
  • November 2014 (1)
  • September 2014 (15)
  • August 2014 (6)
  • July 2014 (1)
  • June 2014 (13)
  • May 2014 (11)
  • April 2014 (13)
  • March 2014 (6)
  • February 2014 (12)
  • January 2014 (3)
  • December 2013 (1)