The Long Anticipated Next Round of HIPAA Audits Finally Taking Shape

We have been urging clients, covered entities and business associates to prepare for almost two years. As I have said many times, being prepared for an audit is more about taking the appropriate and responsible steps toward compliance and security than it is about the likelihood that your organization will actually be chosen. Shifted Focus … Continued

Don’t Fall for Social Engineering Tactics

Your employees may not realize how valuable their access may be to dangerous cyber criminals. Hackers can be very clever when they want the critical data or credentials that your employees possess. Social engineering tactics are designed to obtain secure information (login, customer, patient, or corporate data) by conning a person into revealing the information. Hackers’ … Continued

Cybersecurity Priorities – Following the Lead of the Feds

Last Friday, as many of us had our minds on Halloween plans, Tony Scott released the Cyber Security Strategy and Implementation Plan for federal cybersecurity. Scott, former VMWare exec and sitting federal CIO, released his recommended priorities for federal agencies following the “Sprint” assessment conducted over the summer. One has to think the Federal government, all the … Continued

Managed Security for Your Biggest Obstacles

In the last year or two there has been considerable discussion centered around the lack of trained, experienced IT security personnel able to handle the growing needs that companies face as technologies and cyber threats evolve and grow. As part of Cyber Security Awareness Month, this week has focused on building the next generation of cyber … Continued

Extra Password Authentication May be Necessary, Even if Not Required

In recent months, the recommendation of Loricca’s team of security experts has changed regarding extra authentication. Where we have always favored and recommended strong authentication, we now strongly urge clients to use a system such as a two factor authentication (TFA) process as it is the only effective way to securely verify users, especially remote users. … Continued

Incomplete Data Disposal Could Come Back to Haunt You

When hardware or equipment becomes obsolete or simply no longer meets the needs of your company, where does it go?  Too often, retired equipment sits in a closet somewhere waiting to be destroyed. The longer unused equipment waits to be dealt with, the more risk is incurred that a machine will be lost or stolen … Continued

A Call to Action for Healthcare IT Security

During National Health IT Week, I am encouraged to see such a concerted effort led by the Healthcare Information and Management Systems Society (HIMSS).  Health IT Week has become a rallying point for the healthcare industry to face the challenges of advancing services with expanding technology while maintaining the security and level of service patients require. … Continued

Obstacles to EMV Adoption Common to IT Security Funding and Progress

In the 1980s, EMV (Europay, MasterCard and Visa) technology using a chip embedded in credit cards was responsible for a drastic drop in fraud involving cloned credit cards that was rampant in following the fall of the Iron Curtain. Despite good arguments for (and against) EMV technology as the worldwide standard and intense pressure from … Continued

Teach Employees the Risks that Come with Removable Storage

In life and business today we have the luxury of technology that provides unprecedented convenience and productivity.  But some of the same tools that help us do more also threaten our security and could potentially undo all our hard work. Wherever your company’s critical data or client/patient personal data can be stored or accessed, you … Continued

HIPAA Compliance as a Marketing Tool

If your company provides services within the healthcare industry that qualify it as a Business Associate (BA), the extra requirements of the HIPAA Privacy and Security Rules can actually work in your company’s favor. When your sales agents and account managers are able to speak to your company’s compliance efforts and data security, prospects are reassured that your … Continued

Is your organization HIPAA compliant?

Contact us to find out sooner rather than later.

Ask about our letters of attestation that demonstrate your compliance!