HIPAA Safeguard recommend that its followers read the September 1, 2014, article by Contributor Dan Munro entitled: “Over 90% of Cloud Services Used in Healthcare Pose Medium to High Security Risk,” which can be assessed online at: http://www.forbes.com/sites/danmunro/2014/09/01/over-90-of-cloud-services-used-in-healthcare-pose-medium-to-high-security-risk/. The article highlights three important issues about cybersecurity:
HIPAA Safeguard recommends that its followers read the August 31, 2014, article by Laura Shin entitled: “Medical identity theft: How the health care industry is failing us,” which can be accessed online at: http://fortune.com/2014/08/31/medical-identity-theft-how-the-health-care-industry-is-failing-us/. The article highlights two important issues:
August 7, 2014. Today’s Charleston, SC Post and Courier has an important article by AP Technology writer Anick Jesdanun entitled: “7 ways to create stronger passwords: News of Russian hacking ring highlights importance of protecting yourself online,” which is available online at: http://www.postandcourier.com/article/20140806/PC1601/140809586. We commend this article to your attention, and the explanations for the following seven password strengthening recommendations to deter unauthorized access to networks, systems, applications, devices, and media:
This year, 2014, marks the end of the Decade of Health Information Technology, initiated by then Secretary of the Department of Health and Human Services (HHS), Tommy Thompson, in July 2004 “to build a national electronic health information infrastructure in the United States.” This initiative outlined “four major collaborative goals” and “12 strategies for advancing and focusing future efforts.” My co-author, Carolyn Hartley, and I discuss these goals and strategies in detail in our book, EHR Implementation: A Step-by-Step Guide for the Medical Practice (2nd ed.) (Chicago, IL: American Medical Association, 2012).
HIPAA Safeguard commends to the attention of Security Officials of covered entities and business associates and to individual workforce members of those organizations the May 6, 2014, Wall Street Journal article entitled: “The Best Way to Manage All Your Passwords: Rating Secure Password Managers Dashlane, LastPass, 1Password, PasswordBox,” which is online at: http://online.wsj.com/news/articles/SB10001424052702303647204579545801399272852?mod=WSJ_article_EditorsPicks. Under the HIPAA Security Rule, the Security Official is responsible for implementing policies and procedures—based on findings from a risk analysis—for managing passwords under the Administrative Safeguard Security Awareness and Training standard:
HIPAA Select calls your attention to this important May 2014 article by Tucker Bailey, Andrea Del Miglio, and Wolf Richter entitled: “The rising strategic risks of cyberattacks: Research by McKinsey and the World Economic Forum points to a widening range of technology vulnerabilities and potentially huge losses in value tied to innovation.” The article is available online at:
On April 8, 2014, the Federal Bureau of Investigation (FBI) issued a private industry notification entitled: Health Care Systems and Medical Devices at Risk for Increased Cyber Intrusions for Financial Gain, which is available online at:
The Federal Communications Commission (FCC) has prepared several documents that provide tips on managing and safeguarding electronic information technology. One of these documents outlines ten cybersecurity tips for small businesses, which can be accessed at: http://www.fcc.gov/cyberforsmallbiz. As we documented in the first posting in this series on FCC cybersecurity tips: 1. Training, these tips apply to the vast majority of covered entities and business associates that must achieve HIPAA compliance by implementing the January 25, 2013, HITECH Act Final Rule modifications of HIPAA Privacy and Security and HITECH Act Breach Notification Rules.