Infosec in Healthcare: a new priority

Patient safety needs to evolve Patient safety in the healthcare industry has always been a priority. Mainly, that referred to physical safety, but with the changing landscape of technology, information security needs to also become a priority. Healthcare is repeatedly...

Is your SRA valid?

You have done a risk assessment. That means you should have 1) an SRA report, 2) a risk management plan with prioritized corrective actions, 3) a disaster recovery plan, 4) an emergency response plan, 5) a breach notification plan, 6) current training and in use, 7)...

BYOD – Do you know what’s on your network?

 Is your company allowing employees to bring their own devices and   use them to log onto the corporate network? If so, do you know what   is happening on your network as well as how many devices are on   your network?  Recently, I ran a network discovery at a company...

Ignorance is not Innocence

Cyber security breaches are constantly in the news. Hundreds, if not thousands, occur across every kind of industry each year. Healthcare has consistently been a prime target for cyber criminals to gain access to personal health information (PHI) which can be sold for...

Business Associates bad for business?

In January 2019, Spiceworks surveyed 600 IT and security decision makers over a wide variety of companies, all with one thing in common: their use of third-party vendors or Business Associates (BAs). Their findings should have everyone looking more closely at their...