On Monday, August 18th, Community Health Systems (CHS) reported that it had been the victim of a cyber attack from a Chinese hacking group named “APT 18”, a group alleged to have ties to the Chinese government. APT 18 successfully stole a large quantity of PHI data, including social security numbers, contact information, and other... Continue reading
Per the Health Insurance of Portability and Accountability Act of 1996 (otherwise known as HIPAA) Security Rule, a number of “technical safeguards” combined with the physical security of the computer systems that store and interact with protected health information (PHI) make up the bulk of what is required in order to fall within the realm... Continue reading
The term “SQL Server” refers to the Relational Database Management System (RDBMS) software which runs on the physical/virtual host. There are many different implementations of SQL (Structured Query Language) and choosing between them is dependent upon the database requirements and can have an impact on compliance efforts when dealing with HIPAA guidelines. Many choices are... Continue reading
HIPAA guidelines regarding data retention state that the logs (access/activity) and protected health information (PHI) documentation proving that the covered entity is adhering to the HIPAA Security Rule are retained for six (6) years. This regulation mandates that records are to be retained for essentially any interaction with patient PHI and personally identifiable information (PII),... Continue reading
When compromising a HIPAA server, more often than not, the fundamental shortcoming (“exploit”) of the software that has allowed a user to gain unauthorized access is not inherent to the software being used, but is often a weakness caused by improper configuration or lack of patch application. The process of disabling the system services that... Continue reading
Most people are familiar with the idea of passwords, and the importance of using strong ones. However, what many don’t know is that there’s no such thing as an uncrackable password. With proper resources and time, an attacker can crack any password by means of brute force (trying every permutation in a given table). With... Continue reading
Download HIPAA Checklist
HIPAA Insider Newsletter
Get Your HIPAA Compliant WordPress Hosting Today!
For just $120/mo (first month free!), never lose sleep over data breaches or $10,000s in fines again.
