If you're thinking of hiring a Penetration Testing service, you definitely need to do your due diligence. There's a wide range of services that penetration testing firms offer, ranging from cheap automated scans to manual expert exploit detection. As part of your due diligence process, here are 14 questions that you should consider asking the [...]
We'd like to answer one of the most common questions that we get about HIPAA compliant email. One of the visitors to our site asked us... "How is the e-mail encrypted when the client/patient responds to your encrypted e-mail you send to them? I understand the e-mail you send to them is encrypted, but I [...]
This content is password protected. To view it please enter your password below: Password:
As part of our work helping medical practices with HIPAA and cybersecurity, we get to see lots of HIPAA mistakes. It’s interesting to spot the similarities across so many different companies. Here are nine of the most common HIPAA mistakes that we see. The scary part is we see them all the time. HIPAA Mistake 1: [...]
Google’s email, calendar, and productivity tools (recently renamed to “G Suite”) are absolutely fantastic. They’re easy to use and very affordable. G Suite is also highly secure, but there are very specific things that you need to do to make G Suite / Gmail HIPAA-compliant. Here are some big ones... Disclaimer: we are not lawyers. [...]
Last week, a nasty ransomware email showed up in my personal Gmail inbox. As free services go, Gmail is pretty good at spotting phishing and ransomware emails. However, they completely missed this one. It wasn't in my Spam folder, and it had none of the warnings from Google that it might be malicious. Here's what [...]
A lot of companies make a huge mistake when it comes to G Suite and HIPAA. They think that all they have to do is sign a HIPAA Business Associate Agreement (BAA) with Google, and they're suddenly HIPAA compliant. Nothing could be further from the truth. Here's the story of Ted (not his real name). [...]
Last week, we were sitting in a conference room with 20 people. These were smart people. All highly educated. They all use computers every single day. We were talking to them about ways to keep safe online. The conversation ranged from phishing to ransomware to staying safe at home. It was fun to be with [...]
Video Transcript Here's what the average person needs to know about WannaCry ransomware. I'm sure you saw the news over the weekend that hundreds of thousands of computers have been hit by WannaCry ransomware. It's all over the place. I'm going to show you a few things you can do to know whether [...]
Thinking about moving some services to the cloud? Is Microsoft Azure HIPAA compliant and suitable for ePHI? A client wanted to use Microsoft Azure as a HIPAA-compliant disaster recovery site, so we took a look. Here’s what we found about Microsoft Azure and HIPAA compliance. Will Microsoft Azure sign a HIPAA Business Associate Agreement? Any [...]