Knowledge is the best attack deterrent, so check out our cyber security updates
24By7Security, Inc.

Cybersecurity Biweekly Newsletter - September 21, 2017

Findings of Phase 2 HIPAA audits by OCR/ NIST

During the OCR/ NIST Safeguarding Health Information: Building Assurance through HIPAA Security conference in September 2017, Linda Sanches from the Office of Civil Rights (OCR) provided an update on the results of the OCR Phase 2 HIPAA desk audits. She informed us that the goals of these OCR Phase 2 desk audits were to support improved compliance from the industry, identify best practices, uncover risks and vulnerabilities, detect areas needing technical assistance from OCR, and encourage consistent attention to compliance.


Cybersecurity issues can impact patient care

A running theme during the Sep 2017 OCR/ NIST HIPAA Security conference was that providers and business associates must be cognizant of the fact that Cybersecurity issues can impact patient care. How often do we hear a provider say, “My priority is my patient, I don’t have time for other things”? Well, it is a fact that if Cybersecurity issues impact the confidentiality, integrity or availability of a provider’s patient information, then patient care will most likely be impacted.


They all ask for a risk assessment – have you completed one this year?

Yes, they all ask for a risk assessment. If you, as a healthcare covered entity or a healthcare business associate, ever get audited by the Office of Civil Rights (OCR), or if you have already had the pleasure of being audited, you will know that one of the first things OCR will ask you for is a documented risk assessment or risk analysis (these terms are used interchangeably in this post). A documented risk assessment is also a requirement for meaningful use certification and reimbursement.


OCR Head Expects Major HIPAA Settlement for a Big, Juicy, Egregious Breach in 2017

Roger Severino, the Director of the Department of Health and Human Services’ Office for Civil Rights (OCR), has stated that his main enforcement priority for 2017 is to find a “big, juicy, egregious” HIPAA breach and to use it as an example for other healthcare organizations of the dangers of failing to follow HIPAA Rules. At the recent ‘Safeguarding Health Information’ conference run by OCR and NIST, Severino said, “I really want to make sure people come into compliance without us having to enforce. I want to underscore that. Just because you are small doesn’t mean we’re not looking and that you are safe if you are violating the law. You won’t be.”


Patients’ Right of Access – Get it, Check it, Use it

Patients’ right of access to their health information was emphasized by multiple speakers at the annual NIST/ OCR HIPAA Security Conference in Washington D.C. in September 2017. Just like we at 24By7Security say about Cybersecurity, “Don’t risk it, Secure it”, OCR (Office of Civil Rights) says of patients’ health information, “Get it, Check it, Use it”. Patients need to be empowered to take control of their own health information. Patients have a right to access their own health information, and this is an important part of the information equation for HIPAA compliance. Security is just one part; patients’ right of access is another.


HHS provides humane relief from HIPAA sanctions and penalties after a disaster

In the wake of a severe disaster and/ or a declared emergency, Health and Human Services (HHS) may decide to waive HIPAA sanctions and penalties against covered hospitals that may not comply with specific provisions of the HIPAA Privacy Rule. This was done recently in the emergency areas after Hurricane Harvey hit in Texas and Louisiana. A similar waiver may be issued after future disasters, as needed, when it becomes necessary to assist patients in receiving the care they need, and sometimes to locate missing family members. It is important to note that the waiver only applies to hospitals that have instituted a disaster protocol for up to 72 hours from the time the hospital implements its disaster protocol.


Five Steps to HIPAA Compliance

This is a must for all physicians and their staff to view. Outlined are 5 basic steps to HIPAA Compliance. All medical providers must assess their HIPAA Compliance status annually by conducting a HIPAA Security Risk Assessment, reviewing their policies and procedures, and training their employees every year. Call 24By7Security, Inc for a security risk assessment today. Visit our website at https://24By7Security.com. We are Cybersecurity and Compliance Specialists. Let us be your first line of defense against a cyber attack. Call us at (844) 55-CYBER or email us at contact@24By7Security.com today!

Free Copy of HIPAA Security and Privacy Regulations - Poster/ Checklist

Download the condensed 3-page HIPAA regulations summary and checklist here, put it up on your wall, and mark off what you have done and what is pending, for a clear one-shot view!

Upcoming Events!

Webinar: Best Practices for Compliance and Security in the Cloud October 4, 2017 @ 2:00 pm

Sanjay Deo, President of 24By7Security, Inc. will host a webinar in partnership with Care Analytics.


ISSA 2017 International Conference - Oct 9 - 11, 2017

Michael Brown of 24By7Security, Inc. will be speaking on Cyber Resilience at the ISSA 2017 International Conference being hosted at the Sheraton Hotel and Marina in San Diego, California.


SWTG Tech Conference and Expo - October 11 @ 10:00 am - 5:00 pm

24By7Security will be sponsoring and exhibiting at the Sinnott Wolach Technology Group (SWTG) Tech Conference and Expo on October 11, 2017.  


Cybersecurity Day at NSU - October 19 @ 8:00 am - 1:00 pm

24By7Security is pleased to sponsor and present at the annual Cybersecurity Day event at Nova Southeastern University, a day of Cybersecurity discussions with talented high school students.


Georgia ISSA Atlanta Conference - Nov 15, 2017 @ 8:00 am

24By7Security is pleased to sponsor Atlanta’s premier security conference, “Paradigm of Dependable Security” and will be exhibiting and networking there.


Data Connectors Fort Lauderdale Tech-Security Conference - Dec 14, 2017

24By7Security is pleased to sponsor the Data Connectors Fort Lauderdale Tech-Security Conference at Fort Lauderdale, Florida.



About us

24By7Security, Inc. is a full service Cybersecurity strategy, implementation, operations and training firm.  We provide Cybersecurity and compliance related services across all functions of the enterprise. Our services include CFPB/DFA, FIPA, FERPA, GLBA, HIPAA, PCI, SOX, and others.


24By7Security, Inc.

4613 N. University Drive, Suite #267

Coral Springs, Fl - 33067

(844) 55-CYBER

www.24By7Security.com