All Posts Tagged: mobile device management

doctor's mobile devices

1 in 5 Doctor’s Mobile Devices May Be At High Risk

As important a role as mobile plays in healthcare, it may also pose an equally serious threat, according to a report by Skycure, a mobile threat defense company based in Palo Alto, Calif. In fact, the report found that the doctors who use mobile devices—approximately 80% of doctors use mobile devices and 28% store patient data on their mobile device, according to the report– in their day-to-day practice are exposed to network threats that increase over time.

Read More
secure texting in healthcare

Before Tackling Secure Texting in Healthcare, Change Culture

While data breaches in the retail and government sectors grabbed the lion’s share of headlines last year, hospitals and healthcare systems remain a favorite target of cyberattacks. The reason is simple: the combination of vast amounts of personally identifiable information, along with electronic health records.

Read More
Dancing with HIPAA Compliance

Selfies, Videos, and Social Media: Dancing with HIPAA Compliance Dangers Dental Practice

If your practice is like many others, you’re doing the HIPAA compliance dance. You may not know all the moves, but you’re trying your best to follow along and get it right. And that’s the problem! There are SO many moves. There are hundreds of pages of rules and regulations that you need to know and understand. Most dental practices are so busy that it’s hard to find the time to handle this effectively.

Read More
Dangers of Unsecure Texting HIPAA

Minimizing Mobile Risks in Healthcare

Minimizing emerging threats to mobile devices and applications should be a top health data breach prevention priority for 2016!

“What we’re seeing from the new [threat] vector perspective is that a lot of mobile is coming to the spotlight,” says Bowen, chief privacy and security officer and founder of the security firm ClearDATA.

“We’ve seen this trend for the last few years where we can use a mobile device in an incredibly effective way to enable healthcare to deliver amazing patient care,” he says in an interview with Information Security Media Group. “Some of the greatest innovations happen that way. Unfortunately, at times, the mobile device has been enabled with great software that doesn’t necessarily consider the entire ecosystem from a hardening perspective.”

The only way to stay ahead of emerging threats is to “employ a security-first strategy, make sure you’re doing vendor diligence, and make sure you’re implementing a defense-in-depth strategy that considers every layer of security,” he says.

For instance, healthcare organizations need to realize that mobile software may be storing logs that could contain personally identifiable information for a patient. Also, “you may be incorporating data flows from inside and outside that application that may not be hardened,” he notes.

Additionally, mobile data is at risk “because people are still lugging laptops around without encryption,” he notes.

In fact, about one-third of incidents listed on the Department of Health and Human Services “wall of shame” website of major health data breaches affecting 500 or more individuals since September 2009 involve unencrypted lost or stolen laptops or other portable electronic devices.

It’s also important to vet technology suppliers, he stresses. “We see new entrants into the healthcare market – and sometimes that’s a great thing, and other times it’s shocking how lax the security can be, even from security vendors who really claim to embrace a security-in-depth strategy.”

Other Threats

In developing strategies to fight against hacker attacks, which were pervasive in 2015, organizations need to take steps to make sure social engineering tactics fail, he says. “Hackers are really going after the easiest targets first,” he points out. “It’s not about stealing a database of credentials. It’s more about stealing credentials one phishing email or keystroke logger at a time.”

In the interview, Bowen also discusses:

  • Other security weaknesses that make healthcare organization easy targets for cyberattacks, and what those entities can do to bolster security;
  • How healthcare entities can better prevent and detect breaches involving insiders, including members of their workforce as well as business associates;
  • Three lessons that can be learned from the top healthcare breaches in 2015.

Bowen is the chief privacy and security officer and founder of security firm ClearDATA. He manages the risks and business impacts faced by global healthcare organizations, with a specific focus on cyberthreats, privacy violations, security incidents, social engineering attempts and data breaches. Bowen is a Certified Information Privacy Professional,Certified Information Privacy Technologist and Certified Information Systems Security Professional.

Full interview here

Read More
complying with hipaa 2015

Lync: Guidelines for Complying with HIPAA 2015

Guidelines for complying with HIPAA privacy and security rules when using Lync

  • HIPAA requirements
  • Guidelines for securely storing and sharing sensitive data
  • Use disk encryption
  • Use a secure messaging application
  • Don’t save Lync call logs
  • Disable missed call notifications and voice mail text previews

To learn more about encryption and complying with HIPAA 2015, check out our FAQs section for encryption.

HIPAA Requirements

HIPAA compliance requires protected information to be encrypted when it’s “at rest” (i.e., in storage) and “in transit” (during transmission over a communications network). For further definition of these concepts, see Data Encryption.
All data “in transit” via Lync (for instant messaging, or voice or video conversations) are encrypted during transmission.
Information stored on servers is also encrypted. This, plus the additional measures of housing the Lync and Outlook servers in the CAM Hosted Exchange Data Center, and restricting physical and administrative access to them, satisfies one end of the “at rest” requirement.
However, the other end of the “at rest” requirement must be met client-side (i.e., on your computer). It is important that you (or your companies IT Pro) take the following recommended precautions to ensure the devices (e.g., computers, laptops, and mobile devices) and applications (e.g., Lync/Skype for Business, and Outlook) you use are properly secured to protect any sensitive data they store or transmit.

Guidelines for Securely Storing and Sharing Sensitive Data

CAM recommends taking the following precautions if you store or communicate data that contain protected health information (PHI) or other sensitive data protected by HIPAA.

Use Disk Encryption

Use disk encryption on any desktop system, laptop, or portable device you use to access or store sensitive data. We prefer DESLock Enterprise because of its central management capabilities.

Use a Secure Messaging Application

Use a secure messaging application, such as the Echoworx, when you use Outlook to forward email and voice mail messages containing sensitive data. See our Encrypted Email FAQs

Don’t Save Lync Call Logs

Make sure Lync is not saving your call logs (this applies to Windows computers only).

To do so:

  • In Lync, in the upper right corner, click the Options (gear) icon.
  • From the menu on the left, select Personal.
  • Make sure the box next to “Save call logs in my email Conversation History folder” is unchecked.
  • Click OK.
Disable Missed Call Notifications and Voice Mail Text Previews

Disable missed call notifications and voice mail text previews of voice messages; you must use the Outlook Web App (OWA) to access these settings.

To do so:

  • Log into OWA , and in the upper right, click the Settings (gear) icon. Click Options.
  • In the left navigation bar, click phone.
  • To disable missed call notifications, at the top, if necessary, click voice mail. Under “notifications” (you may need to scroll down), uncheck the box next to “Send an email message to my Inbox when I miss a phone call”. Additionally, if you have text message notifications set up, select I don’t want to receive text messages about missed calls and voice messages.
  • To disable text preview of voice messages, on the voice mail tab, under “voice mail preview”, uncheck the boxes next to “Include preview text with voice messages I receive” and “Include preview text with voice messages I send through Outlook Voice Access”.
  • To save your changes, in the bottom left, click save.
Read More
Fear Itself Speech 修改 文章 英文 click through the following web site | Advanced Trading Tools · Learn How to Trade opciones binarias demo click here now
Loan Canada go credit visit their website