NRC Health, a software and patient satisfaction survey provider holding data from more than 25 million patients, was locked out of its computer system in February because of a ransomware attack. When a breach like this occurs, the fault (at least in the eyes of the federal Office for Civil Rights [OCR]) tends to land on the vendor’s shoulders. But this is not always the case.
David Holtzman, Executive Advisor at CynergisTek, contributes this article, which focuses on on how healthcare providers deal with the security of their vendors, as well as HIPAA requirements/suggestions.
Click here to read the full story.