I'm not really sure who needs to be ready for this years HIPAA audits, the Auditors or the Auditees.
I have a feeling these audits aren't going to go as smoothly as they want, based on all the breaches it leads me to believe that there are not many compliant companies.
http://securitymusings.com/article/4432/hipaa-audits-are-coming-are-you-ready
Friday, March 21, 2014
UMD "Asleep at the Wheel"
When you get breached once the first thing you do is look at all your systems and lock them down ASAP. But how do you let it happen again, with in 4 weeks they have 2 breaches.
This is the ultimate "Asleep at the Wheel", I think it safe to say that someone may lose there job over this one..... thats just a guess.
http://www.myfoxdc.com/story/25032592/university-of-maryland-reports-2nd-data-breach-in-4-weeks#axzz2wbArBxpS
This is the ultimate "Asleep at the Wheel", I think it safe to say that someone may lose there job over this one..... thats just a guess.
http://www.myfoxdc.com/story/25032592/university-of-maryland-reports-2nd-data-breach-in-4-weeks#axzz2wbArBxpS
Wednesday, March 19, 2014
Airline Hacked?
Not sure if this is possible or not but I'm sure its only a matter of time before it would happen. It is also very scary that it could be possible.
http://www.nbcnews.com/storyline/missing-jet/experts-very-unlikely-missing-malaysian-jet-was-hacked-n56881
http://www.nbcnews.com/storyline/missing-jet/experts-very-unlikely-missing-malaysian-jet-was-hacked-n56881
The value of stolen medical records? - UNDER valued!
So how does this work....... my SS# and medical records are out in the world for 4 months. During this time my information could be used in so many ways, from identity theft to annoying phone scams. The fact is your
Pay-roll data not secure ............ Who doesn't encrypt Pay-roll data
Not really sure why payroll data wouldn't be encrypted.
http://news.techworld.com/security/3506753/morrisons-supermarket-suffers-pay-roll-data-breach-after-insider-attack/
http://news.techworld.com/security/3506753/morrisons-supermarket-suffers-pay-roll-data-breach-after-insider-attack/
Tuesday, March 18, 2014
Healthcare is where the data is for Hackers
When a report comes out stating that nearly half of all the data breaches come from the the medical industry it doesn't really surprise me. I look at the Banking industry where most of there business is electronic and they should be on the cutting edge when it comes to Data Security.
IT Security is not the first thing that the Healthcare industry needs to worry about, but since the creation of HIPAA and electronic records they need to make it a priority or the breaches will continue.
http://www.marketwatch.com/story/medical-id-theft-is-even-scarier-than-the-target-breach-2014-03-18
IT Security is not the first thing that the Healthcare industry needs to worry about, but since the creation of HIPAA and electronic records they need to make it a priority or the breaches will continue.
http://www.marketwatch.com/story/medical-id-theft-is-even-scarier-than-the-target-breach-2014-03-18
Someone Broke into my House - Not sure if they took anything????
Isn't it safe to say that if a hacker goes to the effort to break into your network they are going to take some sort of souvenirs. Sally Beauty gets hacked on march 5th and now we find out that they lost CC info, almost 2 weeks after the breach.
Not sure I really understand what they were waiting for, it is straight forward that they lost CC data.
http://www.net-security.org/secworld.php?id=16537
Not sure I really understand what they were waiting for, it is straight forward that they lost CC data.
http://www.net-security.org/secworld.php?id=16537
Monday, March 17, 2014
$3 million Breach settlement first of its kind
AvMed has been hit with a $3 million dollar settlement they need to pay victims of the 2009 breach. This is another cautionary tale of what happens when you choose not to encrypt the data at rest even if it is stored on a laptop.
http://www.computerworld.com/s/article/9247017/Court_approves_first_of_its_kind_data_breach_settlement
http://www.computerworld.com/s/article/9247017/Court_approves_first_of_its_kind_data_breach_settlement
You may be retired but your Data is not!
When you become a retired Police Officer in Syracuse you plan your retirement going fishing, spend more time with the grand kids. You don't plan on dealing with your PII data being lost and having to replace CC's and monitor you credit.
I think I may have said it before but if only they have encrypted the data at rest.
What Fines should Target receive if "I told you so"
We come to find out that Target was giving some warning about the recent breach, does this mean they should be fined differently.
If they had warning as they claim they did shouldn't the fine be a little bigger.
http://www.wsiltv.com/news/three-states/Target-Ignored-Early-Signs-of-Data-Breach-250353881.html
If they had warning as they claim they did shouldn't the fine be a little bigger.
http://www.wsiltv.com/news/three-states/Target-Ignored-Early-Signs-of-Data-Breach-250353881.html
Small or Big - Breaches Hurt everyone
Doesn't really matter the size of the organization they are targets to the hacker world. In fact I would have to say it is far more important to a smaller organization to protect their data, a larger company may be able to handle the fines and all the other expenses. A small company may find themselves out of business if they take a big enough hit.
http://www.healthcareitnews.com/news/small-town-hospital-gets-hacked
http://www.healthcareitnews.com/news/small-town-hospital-gets-hacked
HIPAA's unseen obstacles
While HIPAA has some big benefits to protect the patients and their medical records, we now see that more work needs to be done and not in the most obvious areas.
This article explains the problem that we face when trying to share data with legitimate organizations.
http://insurancenewsnet.com/oarticle/2014/03/16/police-find-hipaa-privacy-law-an-obstacle-a-475208.html#.UycIIlFdWzs
This article explains the problem that we face when trying to share data with legitimate organizations.
http://insurancenewsnet.com/oarticle/2014/03/16/police-find-hipaa-privacy-law-an-obstacle-a-475208.html#.UycIIlFdWzs
Even a small breach costs
Even the small breaches cost a lot of money as Indiana University is finding out. They have spent $80,000 so far and who knows how much more they may have to shell out when its all over.
They could have spent just a fraction of that money and secured the data.
http://www.miamiherald.com/2014/03/17/4000166/data-breach-response-costs-iu.html
They could have spent just a fraction of that money and secured the data.
http://www.miamiherald.com/2014/03/17/4000166/data-breach-response-costs-iu.html
Subscribe to:
Posts (Atom)