red and blue computer data for post Healthcare breach roundup: Week of 10/28/24

2 min read

Healthcare breach roundup: Week of 10/28/24

Healthcare data breaches expose sensitive information of patients and clients. Despite advances in cybersecurity, healthcare organizations remain vulnerable to attacks, largely due to the valuable nature of the data they hold. The following breaches...

Read More
donating blood for post Are blood banks bound by HIPAA?

2 min read

Are blood banks bound by HIPAA?

Blood banks are generally not bound by HIPAA, but they adhere to FDA regulations, state privacy laws, and their own confidentiality policies to...

Read More
medical symbol in blue digital environment for post What is the 405(d) effort?

2 min read

What is the 405(d) effort?

405(d) is a program targeted at tackling the prevalent cybersecurity threat healthcare organizations face nationwide. The program aims to provide...

Read More
digital lock for post Top cybersecurity focus areas revealed at HHS and NIST conference

2 min read

Top cybersecurity focus areas revealed at HHS and NIST conference

The HHS/NIST conference, titled Safeguarding Health Information: Building Assurance through HIPAA Security 2024, took place on October 24, 2024, in...

Read More
Image of lock for blog about Best practices for secure data management

3 min read

Best practices for secure data management

With 328.77 million terabytes of data created daily, it's no surprise that cyber threats are on the rise, as criminals look to exploit this valuable...

Read More
Image of sign for health department for blog about Are state, county, or local health departments required to comply with the Privacy Rule?

2 min read

Are state, county, or local health departments required to comply with the Privacy Rule?

State, county, or local health departments must comply with the HIPAA Privacy Rule if they qualify as covered entities. For example, a state Medicaid...

Read More
Image of someone holding a phone and stars to signify a review for blog about How psychiatrists should respond to negative reviews

1 min read

How psychiatrists should respond to negative reviews

Negative reviews can be a stressful situation for any medical professional. Reviews often drive psychiatrists to want to clarify or defend their...

Read More
hands on laptop computer surrounded by file icons for post How to file OCR complaint forms

3 min read

How to file OCR complaint forms

Patients have the right to file a complaint with the Office for Civil Rights (OCR) if their health information privacy or security has been...

Read More
Image of someone signing a document online for blog about Do electronic BAAs meet HIPAA Privacy Rule requirements?

2 min read

Do electronic BAAs meet HIPAA Privacy Rule requirements?

Electronic business associate agreements (BAAs), signed with an electronic signature, are permissible under the HIPAA Privacy Rule if they meet all...

Read More
red qr code on keyboard

2 min read

How to create a defense strategy against quishing

Quishing is a cyber threat that exploits QR codes and phishing in deceptive emails, posing risks like data breaches and malware infections. The HC3...

Read More
Image of someone typing on a computer for blog about Health data breach impacts millions due to missing password requirements

2 min read

Health data breach impacts millions

An investigation revealed that a database in the Mexican healthcare sector was left unprotected, exposing several million individuals’ sensitive...

Read More
Image of lock for blog about What are cybersecurity performance goals (CPGs)?

2 min read

What are cybersecurity performance goals (CPGs)?

Cybersecurity performance goals (CPGs) are a set of cybersecurity best practices and minimum-security standards developed by the Cybersecurity and...

Read More
Image of someone in a hoodie on a computer for blog about What is a machine-in-the-middle attack?

2 min read

What is a machine-in-the-middle attack?

Machine-in-the-middle attacks, often called "man-in-the-middle" (MitM) attacks, occur when an attacker intercepts communication between two parties...

Read More