by Gary Pritts | Mar 6, 2014 | HIPAA
“Top 20 Critical Security Controls” began in 2008 as an effort by U.S. and international agencies, including our own NSA, which has been the subject of so much media attention recently. Eventually, recommendations for what became the “Critical Security Controls”... Read More
by Gary Pritts | Feb 27, 2014 | HIPAA
One item in the OIG 2014 Work Plan is to examine the controls over networked medical devices. That’s right. Yet another government entity, the OIG, plans to scrutinize hospital IT / Biomedical security. The OIG indicates that biomedical equipment is “increasingly... Read More
by Gary Pritts | Feb 24, 2014 | HIPAA
There has been quite a bit of activity from the HHS Office of Civil Rights (OCR) related to health information privacy. Consumers and medical providers should take note of the following: A Spanish version of the Model Notices of Privacy Practices (NPP) has been issued... Read More
by Gary Pritts | Feb 13, 2014 | HIPAA
[Editor’s Note: During 2016 Healthcare experienced a dramatic increase of virulent ransomware attacks. Please also see a more a more comprehensive list of security contols in the post Preventing and Mitigating Ransomware Attacks, posted 10/4/2016.] A nasty... Read More
by Gary Pritts | Feb 4, 2014 | HIPAA
Several recent enforcement actions from the HHS Office of Civil Rights, along with OCR’s consistent messaging, have highlighted the importance of the HIPAA security risk analysis for healthcare organizations. Further, recent cases make it clear that a... Read More
by Gary Pritts | Jan 17, 2014 | HIPAA
That’s right, even a refrigerator can now fall victim to hackers. According to security firm Proofpoint, more than 750,000 malicious emails were sent between Dec. 23, 2013 and Jan. 6, 2014, when hackers gained access to smart devices, such as common appliances, left... Read More
Eagle works with clients in healthcare and healthcare business associates to ensure HIPAA Security compliance. We provide a set of policy templates for a variety of business associate types including Cloud Vendors, Third Party Administrators, and Information Technology companies.