Blog

  • CynergisTek and CHIME Collaborate on Healthcare Cybersecurity Program Research

    In November of 2018, CynergisTek collaborated with CHIME to examine the top healthcare cybersecurity challenges for CIOs with its survey, “Addressing the Security Gaps in Health IT.” Through most...
  • Learn What We Found After Assessing Hundreds of Healthcare Organizations' Conformance with NIST CSF

  • Zero Days vs. Standard Ways

    A few days ago, a new vulnerability was found that affects the security of encrypted data, specifically on full-disk encrypted drives using hardware encryption protocols. For some time now, it has...
  • Mobile Devices in the Healthcare Academic Medical Center: Why Are They So Difficult to Control?

    In today’s healthcare environment, mobile devices are rampant. Controlling the nature and method of data stored on these devices is not easy in most industries – and mobile devices in the...
  • Changes to New California Privacy Law Exempts Some Healthcare Organizations

    Much has been written about the potential impacts that the California Consumer Privacy Act of 2018 (CaCPA) could make on health care organizations and their business partners. The California...
  • IoT Security: How to Effectively Manage Endpoint Device Security

    IoT security is one of the most concerning and critical issues that we in healthcare face on a daily basis. All industries are affected by IoT devices threatening the integrity of their network...
  • User Access Monitoring: Convincing Your Governing Body that You Need to do This

    User access monitoring is a requirement under the HIPAA Security Rule. However, the specifics of what must be done remain a little cloudy. The regulations state, “implement hardware, software,...
  • Are State AGs Picking Up Slack in HIPAA Enforcement?

    David Holtzman was recently interviewed by Marianne Kolbasuk McGee of Information Security Media Group about The Arc of Erie County lawsuit which encountered a data breach that impacted more than...
  • Ohio Creates Incentives to Proactively Adopt Cybersecurity Programs

    A new Ohio law, the Data Protection Act, incentivizes businesses and not-for-profit organizations that proactively put into place cybersecurity programs to safeguard electronic information...
  • OCR Updates Audit Protocol Emphasizing Compliance

    The US Department of Health and Human Services, Office for Civil Rights (OCR) has without fanfare updated its comprehensive audit protocol, making substantive changes to inquiries to demonstrate...
  • Incident Response Planning: Paying NOT to Play

    If you’re reading this, I probably don’t need to tell you that an incident response plan is the best way to prepare for that information security or other cyber incident – from attack, to...
  • Web Application Penetration Testing

    I have been writing about penetration testing and its related skills for some time now but haven’t yet taken a good deep dive into web application penetration testing. In many ways, web...
  • Ransomware Attack Leads to Discovery of Lots More Malware

    Ransomware has impacted several different healthcare organizations over the past few weeks, including Allied Physicians of Michiana and LabCorp. The latest victim is Blue Springs Family Care. I...
  • 2018 Educational Workshop Feedback

    Cyber-attacks have been an increasing security and privacy threat to organizations; in fact, the 2018 Cost of a Data Breach Study: Global Overview by Ponemon states that the health industry has one...
  • Colorado Breach Law Uses Long Arms to Protect Health Information Not Covered by HIPAA

    Colorado has put into place a new law that will require organizations handling digital personal information of Colorado residents to have security safeguards in place to protect information from...
  • When is data collected for research PHI covered by HIPAA and when is it not?

    On June 1, 2018, an OCR ALJ decision imposed civil monetary penalties against the University of Texas MD Anderson Cancer Center for data that was on two lost thumb drives and a stolen laptop. MD...
  • The 4 Most Commonly Missed Endpoint Devices in Healthcare

    “Endpoint” is a term that seems to have a variable definition in many of today’s organizations. Like the name itself suggests, an endpoint is simply any connected device capable of processing,...
  • Building and Maintaining an Effective Compliance Program with Limited Resources

    It is often said an effective compliance program is difficult to measure, but experienced compliance professionals “know it when they see it”. This is not much comfort to many compliance...
  • Learning The Basics of Biomedical Security…From Ebola

    Public Health In 2014 and 2015, the world faced a major health crisis when individuals throughout the world were being exposed to the Ebola virus. Because of the highly contagious nature of the...
  • Detecting and Protecting: Why Security Incidents Keep Surprising Us

    Why are we so bad at detecting and protecting against security incidents? Attackers need only find a single flaw that will allow them to gain entry to a system. Those that protect them, on the...
  • Emerging Security Threats: Keeping Your Healthcare Organization Protected

    David Finn was recently interviewed by Maureen McKinney at Phreesia about emerging security threats and keeping your healthcare organization protected. Below is the full interview. Maureen: David,...