Mitigating the risks of a ransomware attack
In healthcare, ransomware is particularly effective. By directly compromising patient care and safety, attackers are able leverage provider urgency into payment. Many healthcare providers are unprepared to mitigate or remediate these attacks.
Why it might be time to ditch SMS for MFA
If you are serious about security, it is time to think twice about using text-messaging (SMS) as a multi-factor authentication (MFA) delivery method.
Security is a necessity, NOT a luxury
Often, we are deluded in believing our security and privacy defenses have held when in fact, they haven’t even begun to be tested. When faced with an advanced, persistent threat, no one is immune.
Everything you need to know about SRAT version 3.0.1
At HIPAA One we believe the SRAT tool can be an effective training tool for compliance professionals and recognize that it does have its merits and although we are admittedly biased, we’re going to outline everything you need to know about the 3.0.1 update
Ransomware: 3 ways to protect your organization
We at HIPAA One want to share a few ways we see organizations are vulnerable and get hacked. Take action after reading this blog to protect your organization from being the next target.
A balance of trust: new guidelines for business associates under HIPAA
As a covered entity, it is important to partner with business associates that have a strong security posture with safeguards and controls in place to prevent HIPAA violations and fines.
Don’t get caught! Five ways to avoid a phishing scam
As technology evolves, so does the sophistication of these phishing attacks. It is no longer a matter of if you receive a phishing email but when you receive a phishing email.
Am I a business associate under HIPAA? Why should I care?
Back in 2013, when Edward Snowden was in Hong Kong revealing he leaked documents detailing mass-surveillance programs by the U.S. government, the Department of Health and Human Services (HHS) was creating the Final Omnibus Rule. This rule extended its regulatory reach beyond covered entities (e.g. healthcare providers, health plans, and clearinghouses) to business associates who …
HIPAA Compliance for Microsoft Office 365
Organizations in every industry are upgrading to Microsoft Office 365 to improve security. A common concern among healthcare professionals is that using Office 365 and Microsoft Teams exposes an organization to HIPAA violations. If Office 365 is implemented without the correct security configurations, that is likely true. However, Office 365 and Teams can easily be …
HHS SRA Tool Version 3.0 – The Good, Bad and Ugly
Earlier this month, the U.S. Department of Health and Human Services (HHS) and the Office for Civil Rights (OCR) released an updated version of their Security Risk Assessment Tool (SRAT). We have been following the development of this toolkit since its inception in 2011 as the HSR toolkit and reviewed V2.0 in early 2014. Each …
Let HIPAA One do the heavy lifting for your company when it comes to compliance. Make us part of your team to stay up-to-date, stay automatically compliant, and most importantly, protect your client's information.