Business security becomes more critical every day. Not only must you comply with federal regulations such as HIPAA, but you must keep your company safe from hackers, spammers, viruses, worms and other threats. This weekly summary of significant security events is brought to you at no charge by Stony Hill Management, publishers of Home Care Automation Report and developers of GetHIP-Security, home care’s most widely used HIPAA compliance tool.

Stricter Healthcare Security Guideline on the Horizon?

The National Committee on Vital and Health Statistics, one of the key organizations helping shape the president’s electronic medical records initiative, has called for research into the need for more well-defined security standards for healthcare providers. According to a recent Healthcare IT News article, Jeff Blair, co-chairman of the NCVHS Subcommittee on Standards and Security, characterized HIPAA as a set of general guidelines that do not necessarily define a minimum security threshold that healthcare organizations should provide. “We’re suggesting the government should have a research agenda for what should be the security and authentication requirements,” Blair said. “We’re calling for research to be done to assess future risks.”

Congress Moving Quickly on Privacy Front

You knew it wouldn’t take long for Congress to react to the recent rash of security incidents, particularly when they found out their personal information was at risk as a result of the Bank of America loss of back-up tapes. Senators Schumer (D-NY), Leahy (D-VT), Corzine (D-NJ) and Burns (R-MT) appear to be taking the lead in the Senate, with Barton (R-TX) leading the charge in the House. According to EWeek correspondent Caron Carlson, over the next few months we can expect to see new bills drafted to “...establish parameters for the collection, storage and use of personal data, spanning Internet-based technologies from spyware and hacking to so-called evil-twin attacks. Issues once viewed as separate legislative matters, such as spyware and phishing, are being combined as lawmakers gradually formulate broader privacy policy.”

Web Mobs Compared to La Cosa Nostra

What do shadowcrew, carderplanet, stealthdivision and darkprofits have in common? They are all virtual crime families that Baseline Magazine writers John McCormick and Deborah Gage characterize as the modern-day, Internet-based equivalent of La Cosa Nostra. According to McCormick and Gage, “...members of Web mobs don't have to break into a bank to rob it. Instead, they provide a framework and services for criminals to trade in their chosen stock — stolen credit cards and identity documents.” Citing a Secret Service report on shadowcrew, they note that the group’s 4,000 members ran a worldwide marketplace in which 1.5 million credit card numbers, 18 million e-mail accounts, and scores of identification documents were offered to the highest bidder. If you want to find out just how serious the issue of cybercrime is getting, you do not want to miss this story.

Auntie Em... The BotNets Are Coming!

It doesn’t sound like a particularly insidious threat, but in just three months a German university, using only a few computers set up as “honeypots” (machines intentionally set up to be vulnerable to attack), identified more than 100 botnets. These are networks of compromised computers that can be used by hackers to launch attacks or distribute spam. The networks ranged in size from only a few hundred PCs to several that had more than 50,000 compromised machines. According to InformationWeek’s Greg Keizer, security experts believe more than 1 million machines are compromised throughout the world and that the bulk of the botnets are built using just a handful of exploits that take advantage of a few Windows vulnerabilities.

HIPAA Tip of the Week – Security Responsibility

The Security Rule includes a required implementation specification with regard to designating someone to serve as the security official in your organization. This is analogous to your privacy official designation. The same individual can wear both hats and is likely to do so in most small organizations. Your Security Official should be designated early in the compliance process, as they will most likely be responsible for completing your risk analysis and developing your risk management plan. For a free copy of a sample Security Official Job Description, contact Stony Hill Management at info@hipaahomecare.com and put "Job Description" in the subject line.

Stony Hill’s GetHIP-Security software is used at more than 1,000 locations throughout the U.S. and is endorsed by more than 25 state and national associations. It includes more than 60 sample documents, including a comprehensive risk analysis, policies and procedures, forms and training materials. To download an evaluation copy of the software or to access Stony Hill’s free four-part web-based Security Rule seminar, visit our website at www.hipaahomecare.com.

Copyright© 2005 Stony Hill Management   |   All Rights Reserved.