If you’re plugged into the world of cybersecurity, then you’ve most likely come across breathless reports of new “zero-day” vulnerabilities hitting the wild. And, on the surface, these sound terrible… but do you understand what that means?

A zero-day exploit is a significant, but not world-ending, security flaw affecting systems without anyone having noticed them yet. Rather than a cause for worry, these issues call us to remain ever-vigilant against potential security issues and our responses to them. 

Read More

Protecting patient information is a crucial and necessary part of healthcare… but so is communicating effectively with patients. Considering that email continues to be the most common form of electronic communication, it stands to reason that providers meet patients where they are. 

However, HIPAA regulations have rather strict requirements for protecting PHI, and plain email just doesn’t cut it. Here, we’ll discuss how to effectively use email to engage with patients without breaking compliance.

Read More

Securing protected health information (PHI) is one of the paramount cybersecurity concerns of many organizations, both inside and outside the healthcare industry. This information, if released to unauthorized parties, could lead to significant personal harm to patients that organizations must avoid at all costs. 

The Healthcare Insurance Portability and Accessibility Act (HIPAA) governs the protection of PHI, and in doing so, provides the framework by which healthcare organizations must act toward that mission. However, HIPAA isn’t the only source of truth for securing PHI. For additional guidance, compliance and security officers and technical managers will look to another document, NIST 800-66. 

Read More