Home » CTEK in the News » Third-Party Security: Guarding Against Complacency

× Share this Article

Facebook
Twitter
Email
LinkedIn

Third-Party Security: Guarding Against Complacency

September 3, 2019 Mayuri Kumar

Share this Article
Facebook
Twitter
Email
LinkedIn

Oregon-based Providence Health Plan says some of its members were among the nearly 3 million individuals affected by a nine-year data breach revealed by Virginia-based health plan administrator Dominion National in June.

What lessons are emerging from the Dominion National security incident and others involving third parties? The most important one is simply this: Organizations must guard against becoming complacent about the security practices of the vendors they use.

Click here to read the full story.

Prompt Notification Reduces Data Breach Fallout, Consumer Impact

In light of MGH healthcare data breach, experts call for transparency

Most Recent Articles

Victim Count in Magellan Ransomware Incident Soars

David Finn discusses the risks faced by interconnected organizations in the healthcare sector and how the number of people affected by the April ransomware attack on Magellan Health continues to grow.

Data Breach Settlement Has an Unusual Provision

David Holtzman discusses the preliminary settlement of a class action data breach lawsuit against Iowa Health System (a.k.a UnityPoint Health).

Breach Notification Delay: A Step-by-Step Timeline

Why are some breach notifications delayed for months? David Bailey discusses the statement made by Choice Health Management Services which issued a step-by-step explanation on breach notifications.

The future of medical appointments will be remote. Here's how hospitals are making the transition and dodging new cyber threats, according t

In this recent Business Insider article, they discuss the future of medical appointments being remote and how hospitals are making the transition and dodging new cyber threats.

A Tale of 2 Health Data Breaches: Persistent Challenges

David Finn discusses two recent health data breaches that illustrate persistent security challenges – defending against ransomware attacks as well as unauthorized access to email.

Telehealth After COVID-19: Privacy, Security Considerations

What will happen after July 25th? The Federal government's recent policy changes for facilitating patient care during COVID-19 may have an impact on telehealth restrictions in the future.

Business Associate Incidents Added to Breach Tally

In the latest article by Healthcareinfosecurity.com David Holtzman discusses the major health data breaches that have been added to the federal tally in recent weeks.

The CyberWire Daily Podcast - Episode 952

Cyberwire’s latest podcast features Caleb Barlow as he discusses the challenges of securing medical records.

The CyberWire Daily Podcast - Episode 1075

Cyberwire’s latest podcast features Caleb Barlow as he discusses his responsibilities during an incident from the SOC operator to the CEO.

Lawsuit Filed Against Accounting Firm in Patient Data Hack

In the latest article by Healthcareinfosecurity.com David Holtzman discusses the class action lawsuit filed against accounting firm BST & Co. CPAs LLC that allegedly exposed patient information.

The CyberWire Daily Podcast - Episode 1108

Cyberwire’s latest podcast features Caleb Barlow as he discusses how hospital CISOs are dealing with the COVID-19 situation.

Telehealth App Breach Spotlights Privacy, Security Risks

A software error that briefly allowed individuals to access other patients' telehealth appointment recordings serves as a reminder of potential security.

Are Academic Healthcare Systems Top COVID-19 Attack Targets?

UCSF released a report that shows that academic healthcare systems and healthcare sector entities both have been favorite targets of hackers during the COVID-19 pandemic.

Healthcare groups report lowest monthly breaches since 2016

Healthcare providers, insurers, and business associates reported 16 data breaches to the federal government in May, the lowest number of data breaches reported in a single month in more than 4 years.

Marti Arvin, Adam Greene and Joan Podleski on COVID-19 Disclosure Issues [Podcast]

Marti Arvin joins The Compliance and Ethics Blog podcast with guests as they discuss questions around the coronavirus pandemic about what is and isn’t permissible.

Inside Job at Clinics: Mobile Phone Used for Fraud

David Holtzman, Executive Advisor at CTEK discusses with Healthcare Info Security on the potential risks posed by employees inappropriately using personal devices during COVID-19.

HHS's COVID-19 Response, Recovery Efforts to Be Scrutinized

David Holtzman, Executive Advisor at CynergisTek, contributes this article, which focuses on the HHS’s new strategic plan for its oversight of HHS COVID-19.

The CyberWire Daily Podcast - Episode 1093

Cyberwire’s latest podcast features Caleb Barlow as he discusses if GDPR may have unintended consequences for stopping COVID-19 scammers.

The CyberWire Daily Podcast - Episode 1085

Cyberwire’s latest podcast features Caleb Barlow as he discusses Alan Brunacini’s concept of an Incident Action Plan.

What To Do When Vendors Fail

David Holtzman Executive Advisor at CynergisTek contributes this article, which focuses on how healthcare providers deal with the security of their vendors, as well as HIPAA requirements/suggestions.

Return to Home

Insights Center

Third-Party Security: Guarding Against Complacency

Previous Article

Next Article