![Help Me With HIPAA artwork](https://is1-ssl.mzstatic.com/image/thumb/Podcasts71/v4/15/ff/7d/15ff7d9e-d26b-1e9f-f130-9009a7b190a1/mza_1778069689053728594.jpg/100x100bb.jpg)
Episode 21: Where does your fruit hang?
Help Me With HIPAA
English - October 02, 2015 10:30 - 38 minutes - 53.4 MB - ★★★★★ - 61 ratingsBusiness Technology hipaa businessassociate coveredentity privacy security Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Show Notes
If they were shocked that no one was actually watching for security holes at Ashley Madison you can bet they will be shocked that you haven't been looking because Healthcare is supposed to be private.
Ashley Madison: Nobody was watching
Top 10 Tech Companies with Ashley Madison Accounts
What kinds of things do you need to do to actually be considered looking for them, though?
HIPAA Compliant IT
Router / Firewall test showed 600% Increase in Unique Vulnerabilities Discovered Last Year (OCR / NIST conference)
Within hours or days of a release of software (firmware) vulnerabilities will be identified.
Keep firmware up-to-date
UTM - what is a UTM
not just a router off the shelf at best buy
IPS
Antivirus
Support Subscription!
Reporting each month - look at what is going on - if you have IT they can do it but you should be asking them for reports.
Printers / Copiers easy for hackers to get to first
Smart TVs
Patching helps when
Hackers
Start with "low hanging fruit"
Beginning hackers look for easy challenges to practice their skills
Vulnerabilities for sale to each other
They just want in to see what you have and then see where they can go
Hacktivist - target you because of who works there or who you treat or your type of business
There is no way to know how many different parts of software are used from all over the world on any device or in any given application today
No list of ingredients on the back of your router or mobile device
None of this is new
We have all talked about it but no one listening to the security people until it happens at your business, office, or home
10 vulnerabilities account for nearly 97% of all exploits
Write little script yourself you could be opening a hole because you don't realize there are security implications to what you just wrote
Doctor convicted of illegally accessing medical records Doctor having an affair and looked at the mistress' medical records. Looking to see if she had STDs. Plead guilty in federal court and kept his license but must be monitored.