Four Steps to Prevent Anarchyware

Background: Just a few months ago, in an office far from the U.S. mainland, a contractor clicked open a seemingly innocuous email and it began. Senior management at a well-known company awoke to their worst nightmare: systems all over their network infrastructure were locked up while employees and customers alike were already screaming for a solution … Continued

Watch for Dangerous Ransomware in Attachments and Links

Malware and ransomware attacks are nothing new. But tactics are evolving. Platforms once thought impervious, like Mac computers, are now being targeted along with our smartphones and tablets. Clever New Scams The old Nigerian bank scam is joked about today. But hackers are using new ruses that are not really any more clever, just maybe unexpected. Common … Continued

HIPAA Compliance: Know what’s coming in 2017

Did you know that as of January 2017, there have been more than 1,800 sizeable security breaches of healthcare information? Each of these 1,800 breaches disclosed the patient information of more than 500 people at a time. All of these cases can be viewed on the U.S. Dept. of Health and Human Services (HHS) website. How can … Continued

Update Anti-Virus and Anti-Malware Software for HIPAA Compliance

The easiest way to avoid being the victim of a computer virus or malware that can steal or hold hostage your valuable information is to not make yourself vulnerable in the first place. Just like home security, thieves will look for the unlocked door or the house without a security system. There are too many easy targets … Continued

Incomplete Risk Assessment Could Void Cyber Security Insurance Policies

I recently came across an interesting case of denial of cybersecurity insurance coverage that I believe should serve as a warning for healthcare organizations and for many of Loricca’s clients. Following a 2013 breach of patient information, the Cottage Health hospital network paid over $4 million in a class action settlement. The provider of Cottage Health’s cybersecurity … Continued

Can HIPAA Compliance and Social Media Coexist in Your Organization?

The question of whether your organization should be present on social media today is moot. Whether you maintain official accounts on Twitter, Facebook, and other channels, your hospital, practice, and healthcare brand will be found and discussed. The fact that you need to monitor the message broadcasted about your brand is just a reality of … Continued

If You Can’t Prevent Ransomware, You Can Outsmart It

Ransomware is everywhere in 2016. We encourage and work with clients to do everything possible to avoid becoming a victim. Cybercrime is nothing if not adaptive, and the technology and tactics of ransomware continue to evolve daily. They vary from hiding malicious code in tempting or deceiving emails, updates, and links. It seems we cannot … Continued

Always Use Two Factor Authentication but Remain Vigilant

By now, most of the major online tools we use and the most popular sites we log into offer if not require two-factor authentication (2FA). There are several ways a two factor system can be implemented but, essentially, it will always involve using something you know, like a password, plus something you have, like a mobile device … Continued

Incident Response 101: Where Notification Requirements May Differ from HIPAA

In our recent series of articles answering the key questions about what notifications steps HIPAA regulated organizations must take after a security breach, we have looked at: Who is Required to Report a Breach? When Do You Need to Report a Breach?  What Must Be Reported Following a Breach? To wrap up this topic, we … Continued

Do the Apps on Your Phone Know Too Much About You?

I have read that most of us only use 7-10 apps on our phones. The vast majority of the time, when we are on our mobile devices, we are using one of our go-to apps. I just counted 57 apps installed on my phone and, honestly, when I just looked to count, I didn’t even … Continued

Is your organization HIPAA compliant?

Contact us to find out sooner rather than later.

Ask about our letters of attestation that demonstrate your compliance!