Topics and guidance regarding best practices in encryption and cryptography, including risk assessment, best practices, implementation guidance, news regarding available tools, and related information.
Molina Healthcare, a leading Medicaid and Affordable Care Act insurer across 12 states, recently suffered a security breach in which patient records were exposed on their online subscriber portal. The application flaw, which was present on the web for nearly a month... Read More
HIPAA Security’s 42 requirements, many of which are merely one sentence in length, understandably result in many questions for organizations seeking to comply. To resolve some of this ambiguity, the HHS Office of Civil Rights, in April 2009, issued guidance to... Read More
The HIPAA Security Rule include two separate implementation specifications involving encryption. The first is contained at 45 CFR 164.312(a)(2)(iv): “Encryption and decryption (Addressable). Implement a mechanism to encrypt and decrypt electronic protected... Read More
Many healthcare organizations remain unaware that the Heartbleed bug can affect more than just websites and web servers. The bug, discovered separately by Neel Mehta and his team from Google Security in late March and later by Finnish security firm Codenomicon in... Read More
Incidents of lost and stolen assets are amount the most common causes of data loss or exposure, as reported by data breach incidents analyzed in Verizon’s 2014 Data Breach Investigations Report. This recent study collected data on over 63,000 confirmed security... Read More
