With 100 million Capital One customers impacted, it is worth taking a closer look at the 2019 Capital One data breach and web application security. According to CNN, the breach was carried out by a former Amazon Web Services (AWS) employee who exploited a misconfigured web application firewall (WAF) to gain access to customer data.…
Windows 7 Support Ends in January Microsoft has announced that support for Windows 7 will be discontinued after January 14, 2020. If you continue to use Windows 7 after that date, Microsoft warns that your Windows 7 based systems will become vulnerable to security risks. Covered Entities and Business Associates tasked with complying with HIPAA,…
Virtis award-winning cybersecurity solutions protect both the private and public sectors. Industries relying upon Virtis include Enterprise, Government, Financial Services, Healthcare, Biotech, and Retail. Compliant Legal Solutions, LLC, is proud to announce that we have established a strategic partnership with Virtis US, LLC. This partnership allows us to offer our clients the same award-winning leading-edge…
The HITECH Act of 2009 requires the publication of breach summaries, which the Department of Health and Human Services’ (DHHS) Office of Civil Rights (OCR) has been doing on its website, which has come to be referred to as the OCR Wall of Shame. Breach summaries are published for all reported breaches affecting 500 or…
Healthcare and public health sector partners were advised by the Department of Health and Human Services (DHHS) about a cyber vulnerability in certain Microsoft products. Two reports were released by Microsoft and DHHS this week addressing multiple vulnerabilities with Microsoft products, including the Windows operating system, and a threat by a group DHHS labeled “Hidden…
Encrypting personal health information is a front line precaution in securing personally identifiable information. Two months ago a health center was broken into and burglarized. The facility had an alarm that was sounded, summoning law enforcement but the thieves had fled by the time they arrived, making their get away with four desktop and two…
Cyber attack guidance was released by U.S. Department of Health & Human Services (DHHS), Office for Civil Rights (OCR) on June 8, 2017, including a cyber security checklist and infographic outlining the steps for a HIPAA covered entity, or its business associate, to take in the event of a cyber attack. A covered entity or business associate must…
HIPAA privacy violations are a concern during public presentations, as highlighted in a report of a presentation by an executive from a national health insurer at a local Rotary Club meeting. The health insurance executive described a specific case of a 17-year-old boy for whom the carrier is spending $1 million per month to cover…