Help Me With HIPAA artwork

Episode 21: Where does your fruit hang?

Help Me With HIPAA

English - October 02, 2015 10:30 - 38 minutes - 53.4 MB - ★★★★★ - 61 ratings
Business Technology hipaa businessassociate coveredentity privacy security Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Previous Episode: Episode 20: Its The People, People
Next Episode: Episode 22: So you think you're covered by cybersecurity insurance. Well...

Show Notes


If they were shocked that no one was actually watching for security holes at Ashley Madison you can bet they will be shocked that you haven't been looking because Healthcare is supposed to be private.


Ashley Madison: Nobody was watching


Top 10 Tech Companies with Ashley Madison Accounts


What kinds of things do you need to do to actually be considered looking for them, though?

HIPAA Compliant IT
Router / Firewall test showed 600% Increase in Unique Vulnerabilities Discovered Last Year (OCR / NIST conference)

Within hours or days of a release of software (firmware) vulnerabilities will be identified.
Keep firmware up-to-date

UTM - what is a UTM

not just a router off the shelf at best buy
IPS
Antivirus
Support Subscription!

Reporting each month - look at what is going on - if you have IT they can do it but you should be asking them for reports.
Printers / Copiers easy for hackers to get to first

Smart TVs

Patching helps when
Hackers

Start with "low hanging fruit" 
Beginning hackers look for easy challenges to practice their skills
Vulnerabilities for sale to each other
They just want in to see what you have and then see where they can go
Hacktivist - target you because of who works there or who you treat or your type of business

There is no way to know how many different parts of software are used from all over the world on any device or in any given application today

No list of ingredients on the back of your router or mobile device

None of this is new

We have all talked about it but no one listening to the security people until it happens at your business, office, or home

10 vulnerabilities account for nearly 97% of all exploits
Write little script yourself you could be opening a hole because you don't realize there are security implications to what you just wrote

Doctor convicted of illegally accessing medical records Doctor having an affair and looked at the mistress' medical records. Looking to see if she had STDs. Plead guilty in federal court and kept his license but must be monitored.