A Long Beach hospital that nearly reached 100 years in operation had to shut its doors because it was built on an active earthquake fault and is incapable of meeting state-mandatory seismic safety law. The hospital, Community Medical Center Long Beach, sent the city notice to end the lease in four months at the beginning of March, taking effect on July 1st. Earthquake research performed in November discovered an active fault beneath the 200-bed hospital.
HIPAA Data Breach Answers from an Expert
Q&A With Gillware Forensics Investigator Nathan Little
Will Ascenzo is a blogger, copywriter, and technical writer for Gillware Data Recovery and Gillware Digital Forensics.
With how prevalent data breaches are in the news cycle now, data breaches seem to be every big business’ bête noire. Most at risk of data breaches and cyber attacks are organizations in the financial industry and healthcare industry. Due to the sensitivity of the healthcare data and HIPAA regulations regarding the unauthorized access to and disclosure of protected healthcare information, the threat of data breaches presents a particular problem to HIPAA-covered entities and business associates of all shapes and sizes.
How Secure is the Cloud?
Organizations migrating to a new IT environment, such as the Cloud, should always give serious consideration to the security of that environment. But how secure is the Cloud? If you don’t know exactly what piece of hardware your private data is found on at a given time, how do you know it is secure?
For those relatively new to Cloud, the first thing to be aware of is that while some of the tools and methods used to secure a network and data in the Cloud are different, the basic principles are the same as for any other environment. The next thing to know is that because the Cloud runs in data centers staffed by experts in Cloud services, data stored in the Cloud is “probably more secure than conventionally stored data,” according to Quentin Hardy, former Deputy Technology Editor of the New York Times[i].
Hospital Recycling Audit Reveals PHI Disposal Often Incorrect (Study)
A recent study demonstrated how problematic health record disposal is. The Privacy and Security Rules of the Health Insurance Portability and Accountability Act (HIPAA) make it clear how to properly get rid of health records while maintaining the confidentiality of patients and protecting their rights. The study indicates that poor disposal of records occurs frequently and is a strong area to target if you want to bolster your defenses against HIPAA violations. Along with a concern with paper PHI in an era when it can get overlooked, it is crucial to have strong protections for the increasing volume of electronic records as well.
Office 365 or Google Docs for HIPAA Compliance
Organizations that handle healthcare data, whether they are covered entities (healthcare providers, plans, or data clearinghouses) or their business associates, must meet the requirements of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). HIPAA and HITECH (the Health Information for Economic and Clinical Health Act of 2009) are US federal laws that created regulations related to how sensitive personal health data is used and disclosed (essentially in an effort to protect it and make it accessible to patients). It is necessary for doctors, hospitals, health insurers, and other healthcare organizations to meet the stipulations within these laws and to have the responsibilities within the relationship defined by a business associate agreement (BAA). The BAA contract is important because it clarifies all aspects of data creation, storage, receipt, and transmission so that accountability is possible for all privacy and security concerns.
Healthcare Hosting Checklist: What is HIPAA Compliant Healthcare Hosting?
What should you look for in a good healthcare host? Healthcare hosting providers must comply with HIPAA, the Health Insurance Portability and Accountability Act of 1996, which means they must protect and secure patient records. When you look at healthcare hosting providers, you want to know how HIPAA audit-ready the healthcare host is.
Multi-Cloud Strategy is Great, But Who Will Manage It?
Multi-cloud server infrastructure arises almost inevitably in enterprises, as indicated by David Gewirtz. Since that is the case, enterprises should consider their management strategy for the multi-cloud environment.
This article looks at what multi-cloud is, why it is adopted, its distinction from hybrid cloud, and ways to properly manage it. Finally, it addresses the issue of responsibility for management – whether you should take the DIY route or use an expert third party.
How Does Employee Monitoring Software Provide HIPAA Compliance?
Inside the healthcare industry is an abundance of sensitive and valuable data. This has created a massive attack surface. HIPAA (Health Insurance Portability and Accountability Act) was created to minimize the attack surface and create a national standard for security and privacy of healthcare-related data.
Just how many healthcare-related data records have been breached? According to the HIPAA Journal, approximately 54.25% of the U.S. population has been subjected to a data breach between 2009 and 2017. HIPAA Journal states that the above percentage equates out to 176,709,305 records stolen.
Orangeworm: Need-to-Know Information for Healthcare IT
A security report released on April 23, 2018 found that there was a growing threat presented by Orangeworm, a cybercrime alliance that was going after organizations within healthcare and similar fields using a backdoor known as Kwampirs.
Kwampirs is a Trojan horse, as indicated by the NJ Cybersecurity & Communications Integration Cell. When attackers deploy this malware, they are able to remotely access the devices that are infected with it. Once the attackers access the machines and execute the Trojan, it begins to decrypt and extract a copy of its primary dynamic link library (DLL) payload. (What is DLL injection? DLL injection is a technique that is often used for Trojans. The pen-testing industry blog Penetration Testing Lab noted that DLL injection enables an intruder to run whatever script they want within another process’s address space. In the event that the process involved has heightened privileges, the nefarious party might be able to run sinister code within a DLL file that would further increase their privileges and, in turn, allow them to inflict widespread damage.)
Secure Block Storage (SBS) 50 GB Free for One Year!
Secure Block Storage – Easy to use, highly redundant, available, scalable, and secure additional storage.
We are excited to announce the release of Secure Block Storage, enabling you to easily attach additional storage to your cloud servers to scale workloads more easily. Designed for 99.999% availability, SBS volumes are automatically replicated multiple times to protect your data from component failure. With SBS, storage can be increased on-the-fly and moved between your Cloud Servers within the same region. Additionally, SBS volumes are automatically encrypted at rest and connected to your Cloud Servers over an isolated storage network to ensure a secure environment for your data. To help you get started using SBS, we are offering 50 GB of SBS free through June 14, 2019, for existing customers and one year from the date of signup for new customers. You can increase the space of SBS volumes for an additional 7.9 cents per GB per month.
