How to Make Your Website HIPAA Compliant
They say you never know until it hits you. Whoever “they” are, they’ve got a point – especially if the “it” is failing to secure someone’s personal, protected health information (PHI). Once this sensitive data is divulged, the genie is out of the bottle – and the impact can be staggering. Just ask Advocate Health...
How FISMA Requirements Can Impact HIPAA Compliance
In the world of compliance requirements, two types of business practices are generally distinguished. The first, known as the “private sector,” covers those regulations that apply to the for-profit, commercial industry. These may include HIPAA (for protected health information), SOX (for financial reporting), GLB (pertaining to information sharing), and others. The “public sector,” on the...
HIPAA Encryption – Choosing the Right Kind
Everyone familiar with HIPAA agrees that protecting sensitive data like protected health information (PHI) is critical, and most realize that encryption is the technique of choice; however, this seems to be the extent of most people's knowledge.
Kubernetes and Security: 6 Keys for HIPAA Compliance
When it comes to deploying applications and services at scale, the ability to use efficient, containerized pieces of software has clearly changed the game. Containers are highly valued for their portability and ability to run on various environments – including local desktops, virtual and physical servers, test and production environments, and in private or public...
Minimizing Healthcare Risk through Penetration Testing (Part 2)
In Part 1 of our interview with Ricoh Danielson, we discussed how a comprehensive, “real world” penetration test (also known as ethical hacking) can help you fix the gaps in your company’s security. Let’s take a moment to recap why you need it: for those in healthcare especially, cybercrime represents an enormous risk...
Minimizing Healthcare Risk through Penetration Testing (Part 1)
Ricoh Danielson is an impressive guy. From his time serving as a US Army Combat soldier in Iraq, to becoming a legal advocate for veterans in their battle to receive PTSD treatment; then later developing his security expertise in digital forensics for law enforcement and the military, Ricoh has dedicated himself to a singular passion:...
Safer in the Cloud: Office 365 and HIPAA Data
You like saving everything to your hard drive – it’s what you do. Then your laptop or tablet gets lifted, right out of your car. Sure, you thought it was safer to have sensitive information under your own watchful eye – except when it was on your car seat, while you went to the 7-11...
HIPAA Plug-ins for WordPress, Part 3: Activity Logs
“Have you seen the video?” It’s a query for a connected world, bringing the world up close. From cell phones to visual doorbells – even police body cams – video helps tell a story – and maybe solve a crime. Now imagine this crime is an attempt to steal your company data or disable your...