Will Healthcare Ransomware Attacks Increase in 2019?

Consumers were singled out in the early days of ransomware, but now ransomware distributors have no problem directing their malicious efforts toward much larger groups, locking organizations out of key systems and demanding a hefty fee that often doesn’t provide full accessibility once paid. Attacks targeting healthcare providers have become an increasingly regular occurrence over … Continued

AdventHealth: Healthcare Data Breach Goes Undetected for Over a Year

On March 10, 2019, nearly 42,000 patients who have trusted AdventHealth with their personally identifiable information (PII) and health information will be formally notified that this data has been compromised—for more than sixteen months. The Data Breach In late December, officials from Florida’s AdventHealth Medical Group Pulmonary and Sleep Medicine finally found the hacker’s footprint, … Continued

Four Steps to Prevent Anarchyware

Background: Just a few months ago, in an office far from the U.S. mainland, a contractor clicked open a seemingly innocuous email and it began. Senior management at a well-known company awoke to their worst nightmare: systems all over their network infrastructure were locked up while employees and customers alike were already screaming for a solution … Continued

Watch for Dangerous Ransomware in Attachments and Links

Malware and ransomware attacks are nothing new. But tactics are evolving. Platforms once thought impervious, like Mac computers, are now being targeted along with our smartphones and tablets. Clever New Scams The old Nigerian bank scam is joked about today. But hackers are using new ruses that are not really any more clever, just maybe unexpected. Common … Continued

HIPAA Compliance: Know what’s coming in 2017

Did you know that as of January 2017, there have been more than 1,800 sizeable security breaches of healthcare information? Each of these 1,800 breaches disclosed the patient information of more than 500 people at a time. All of these cases can be viewed on the U.S. Dept. of Health and Human Services (HHS) website. How can … Continued

Update Anti-Virus and Anti-Malware Software for HIPAA Compliance

The easiest way to avoid being the victim of a computer virus or malware that can steal or hold hostage your valuable information is to not make yourself vulnerable in the first place. Just like home security, thieves will look for the unlocked door or the house without a security system. There are too many easy targets … Continued

Incomplete Risk Assessment Could Void Cyber Security Insurance Policies

I recently came across an interesting case of denial of cybersecurity insurance coverage that I believe should serve as a warning for healthcare organizations and for many of Loricca’s clients. Following a 2013 breach of patient information, the Cottage Health hospital network paid over $4 million in a class action settlement. The provider of Cottage Health’s cybersecurity … Continued

Can HIPAA Compliance and Social Media Coexist in Your Organization?

The question of whether your organization should be present on social media today is moot. Whether you maintain official accounts on Twitter, Facebook, and other channels, your hospital, practice, and healthcare brand will be found and discussed. The fact that you need to monitor the message broadcasted about your brand is just a reality of … Continued

If You Can’t Prevent Ransomware, You Can Outsmart It

Ransomware is everywhere in 2016. We encourage and work with clients to do everything possible to avoid becoming a victim. Cybercrime is nothing if not adaptive, and the technology and tactics of ransomware continue to evolve daily. They vary from hiding malicious code in tempting or deceiving emails, updates, and links. It seems we cannot … Continued

Always Use Two Factor Authentication but Remain Vigilant

By now, most of the major online tools we use and the most popular sites we log into offer if not require two-factor authentication (2FA). There are several ways a two factor system can be implemented but, essentially, it will always involve using something you know, like a password, plus something you have, like a mobile device … Continued

Is your organization HIPAA compliant?

Contact us to find out sooner rather than later.

Ask about our letters of attestation that demonstrate your compliance!