October is National Cybersecurity Awareness Month!


TMC’s Security Scout wants you to be Cyber Savvy! Did you know? 43% of cyber-attacks target small businesses. Here’s how you can be Cyber Savvy: Use long, strong passphrases or passwords and different passwords for different programs and devices. See last month’s Advisor for password tips. Watch out for phishing emails and text messages! […]

Audit Logs


August 2021. A covered entity recently discovered that a former employee had “snooped” (inappropriately accessed) over 10,000 patient records almost 4 years after the snooping began. The employee accessed the records in the EHR over a period of about 14 months. That’s over 700 records per month. The snooping went undetected until the former employee […]

Diabetes App Security Advisory from CISA


Patients and physicians who have the devices listed below and use the mylife Cloud and/or mylife Mobile Application should update to the current version of the application and update account passwords ASAP. The app is not sufficiently protecting usernames and passwords, making their data vulnerable to exposure/hacking. https://us-cert.cisa.gov/ics/advisories/icsma-21-196-01 mylife website: https://www.mylife-diabetescare.com/en/products/therapy-management/mylife-digital.html mylife Diabetescare devices: Ypsomed […]

The 21st Century Cures Act and Healthcare Information Blocking

What is information blocking? Anything a healthcare provider knows is likely to interfere with the ability of a patient or other authorized person(s) to access, exchange, or use electronically protected health information (ePHI). Taking longer than allowed to respond to patients’ requests for access to their records, or not responding at all. Charging patients a […]

OCR Alert – Postcard Disguised as Official Communication


Some healthcare organizations have received postcards that appear to be from the OCR, stating that they are required to participate in a “Required Security Risk Assessment” and are to send their risk assessment to a website. This is not from the OCR or the U.S. Department of Health and Human Services; it is an advertisement […]

Information Blocking – Digging Deeper


Healthcare providers are not required to do anything new or buy new software to comply with the upcoming Information Blocking Rule issued by the HHS Office of the National Coordinator for Health Information Technology (ONC). However, understanding how your current policies and procedures could conflict with the rule’s requirements is a good exercise to start […]

Protecting Your Cybersecurity


If you use an on-premises Microsoft Exchange Server, it is important to reach out to your IT Support immediately to be sure updates are installed to boost your cybersecurity and protect against recently discovered critical security vulnerabilities. The vulnerabilities allow an attacker to compromise your network and steal information, encrypt data for ransom, or even […]