If you're a medical practice, you're probably tempted to give Chromebooks a try. They're cheaper than a traditional Windows or Mac computer, and they're a lot easier and cheaper to maintain. But are Chromebooks appropriate for a medical company? Can they be used to handle medical data? Are Chromebooks HIPAA compliant? We think they [...]
Wire fraud is a huge problem for Registered Investment Advisors. Every day, criminals trick firms like yours into wiring funds out of client OR firm accounts. What is the SEC Cybersecurity Guidance on wire fraud? And what are the best practices to stop wire fraud in firms today? It’s critical that your staff identify [...]
Protecting Your Business’ Most Sensitive Mobile Data Gone are the days of the rotary phone. Data is immensely portable. As we — individuals, consumers, corporate employees, investment advisors and financial investors — continue to rely on our mobile devices for everything, the level and amount of sensitive data that is stored on our mobile devices [...]
Welcome back to SEC Cybersecurity Guidance: Business Continuity Planning. The first steps (found here in Part 1) are: List your Specific Needs, and Discuss and Document... and here, in Part 2, we talk, and plan, and test. Disclaimer: we are STILL not lawyers. We are cybersecurity practitioners who work with a lot of registered [...]
If you’ve come to this site, you’re probably doing some research about SEC Cybersecurity Guidance. As part of the OCIE Cybersecurity Initiative, #6 in the SEC cybersecurity guidance clearly states that business continuity planning is a priority. Here’s what the SEC Cybersecurity Guidance says: “Please provide a copy of the Firm’s written business continuity [...]
It's a good idea... We have a lot of conversations with our clients about cybersecurity insurance. Adelia Risk doesn't sell cybersecurity insurance. Instead, we provide a holistic cybersecurity service to small, high value, heavily regulated firms. As part of providing our service, cybersecurity insurance is a common topic. The single biggest misconception that we see? [...]
Google’s email, calendar, and productivity tools (recently renamed to “G Suite”) are absolutely fantastic. They’re easy to use and very affordable. G Suite is also highly secure, but there are very specific things that you need to do to make G Suite / Gmail HIPAA-compliant. Here are some big ones... Disclaimer: we are not lawyers. [...]
How do you send PHI via email and still follow HIPAA? And how do you send encrypted email in Gmail? These are two of the most common questions we get. It’s an understandable question. Email has become the communication tool of choice in the digital age. Most workplaces rely on it heavily. If [...]
As part of our work helping medical practices with HIPAA and cybersecurity, we get to see lots of HIPAA mistakes. It’s interesting to spot the similarities across so many different companies. Here are nine of the most common HIPAA mistakes that we see. The scary part is we see them all the time. HIPAA Mistake 1: [...]