Tag: National Cybersecurity Institute

Increasingly cybercriminals are targeting the health care industry to obtain Personal Identifiable Information (PII) that they can utilize for financial gain. To combat these clever and skilled criminals requires equally skilled cyber professionals who are well trained and educated for their jobs. One way to attain such skills is by becoming a certified professional in …

The security of the data that rests in the servers of the health care industry is of great concern to the general public and government agencies. Assuring that the data remains confidential, its integrity remains secure, yet accessible, are worthy objectives. The Electronic Healthcare Network Accreditation Commission (EHNAC) is an independent standards development organization designed …

Late last year the US Senate voted overwhelmingly to pass CISA, the Cybersecurity Information Sharing Act. That piece of legislation requires organizations to share cyber information between private entities and various government agencies in an effort reduce the impact of breaches to digital systems. Coming on the heels of CISA, members of the Senate introduced …

In November 2015 and as part of the NCI’s IWICS, Dr. Jane LeClair hosted Michelle McGhee. Currently the Senior Network Security Specialist at Sprint United Telecommunications, Michelle’s primary focus is assessing the data security of projects, applications, and vendor contracts. Concentrated focus areas include social media, privacy, and mobile security. Michelle started her IT career …

The security of the data that rests in the servers of the health care industry is of great concern to the general public and government agencies. Assuring that the data remains confidential, its integrity remains secure, yet accessible, are worthy objectives. The Electronic Healthcare Network Accreditation Commission (EHNAC) is an independent standards development organization designed …

Recently a healthcare organization was fined $850,000 for HIPAA violations. At the top of the list of non-compliant activities was the failure of the organization to conduct a thorough risk analysis of all of its ePHI (electronic protected health information.) The HIPAA rule 164.308(a)(1)(ii)(A) states that: “Risk analysis requires the covered entity conduct an accurate …