Not only do employers sponsoring group health plans have to be concerned with the plan maintaining protected health information (PHI), but they also have to pay attention to disposing of PHI. The HIPAA privacy rules require covered entities to take appropriate administrative, technical and physical safeguards to protect the privacy of PHI in any form. Any form includes protections in connection with the disposal of PHI.
October is recognized as National Cybersecurity Awareness Month which encourages individuals to access resources needed to say safe and secure online.
The Health Information Technology for Economic and Clinical Health (“HITECH”) Act amendments to HIPAA requires the Secretary of Health and Human Services to post a list of breaches of unsecured protected health information affecting 500 or more individuals.
The FBI has re-released its “Safe Online Surfing (SOS) Internet Challenge” to help students use the Internet securely. With an increase of cyber-crimes, it is important for people of all ages to understand how to keep information secure.
Security protocol at BAS prohibits compressed files from entering the network. A compressed file (such as one ending with .zip, .exe or .qt) may contain an undetectable virus or may cause malicious software to download onto the computer of the recipient who opens the file. BAS security can detect a compressed file even if the sender removes the extension name.
BAS employs data loss protection software to discover, monitor and protect confidential data no matter where it is stored.
The Center for Internet Security issued a reminder about properly disposing of old data and devices. CIS warns that failing to properly manage devices, online accounts, cloud storage and physical storage can lead to an unintentional disclosure of sensitive information.
Several government agencies have banded together to release a joint ransomware statement. Ransomware is a malicious software that is used to deny access to a computer system or data until a ransom is paid. Ransomware infects a system through phishing emails or by visiting an infected website.
The National Institute of Standards and Technology issued a Cybersecruity Practice Guide: Multifactor Authentication for E-Commerce. The guide presents various multifactor authentication protection methods that can be implemented to reduce fraudulent purchases.