Healthcare Newsletter

May 17, 2023

In This Edition:

  1. [News] Utah Hospital notifies patients of unauthorized PHI access: Roosevelt, Utah-based Uintah Basin Healthcare is notifying patients who have received care from the organization since 2012 that some of their protected health information may have been compromised.
  2. [News] Cybersecurity in Health Care: Critical to Patients, Medical Providers: As online threats of various sorts, from malicious hacking to holding data hostage, continue to grow and evolve, the enhancement of cybersecurity has become critical – for industry, healthcare providers, regulators, and policymakers. Thanks to the $1.7 trillion omnibus appropriations bill passed by Congress and signed into law by President Biden late last year, additional cybersecurity requirements will become a key focus for an unobvious sector: medical device manufacturers.
  3. [News] HC3 Warns Healthcare of Cyberattacks Against Popular Data Backup Software: The Health Sector Cybersecurity Coordination Center’s (HC3) latest alert details the growing trend of threat actors targeting a known vulnerability in Veeam Backup & Replication (VBR) software. VBR is a popular software product that can be used to back up, replicate, and restore data on virtual machines (VMs). 
  4. [Blog] Policies and Procedures Required by HIPAA: The importance of policies and procedures is two-fold. First, they serve as mandatory written reference guides for employees of hospitals, medical centers, and other covered entities and business associates. Second, they form the basis for the employee training that is also mandated by HIPAA.
  5. [Content Offer] A CISO’S Guide to Success in the First 90 Days: Join us for an interactive webinar as we have Henry Sanchez, the Director of IT at Life Extension, and Juan Carlos Hernandez, the PCI Practice Leader at 24By7Security, as they assume the acting roles of a CIO or main point in the IT Department and a new CISO entering an organization, respectively.

Utah Hospital notifies patients of unauthorized PHI access 

First pic for May Healthcare Newsletter (2)

Roosevelt, Utah-based Uintah Basin Healthcare is notifying patients who have received care from the organization since 2012 that some of their protected health information may have been compromised. The hospital said names, dates of birth, addresses, Social Security numbers, health insurance information and certain clinical details have been compromised. 

I want my PHI protected!

24By7 Security

 

Second pic for May Healthcare Newsletter

 Cybersecurity in Health Care: Critical to Patients, Medical Providers

As online threats of various sorts, from malicious hacking to holding data hostage, continue to grow and evolve, the enhancement of cybersecurity has become critical – for industry, healthcare providers, regulators, and policymakers. Thanks to the $1.7 trillion omnibus appropriations bill passed by Congress and signed into law by President Biden late last year, additional cybersecurity requirements will become a key focus for an unobvious sector: medical device manufacturers.

Learn the importance of Cybersecurity in Healthcare

24By7 Security

 

HC3 Warns Healthcare of Cyberattacks Against Popular Data Backup SoftwareThird pic for May Healthcare Newsletter

The Health Sector Cybersecurity Coordination Center’s (HC3) latest alert details the growing trend of threat actors targeting a known vulnerability in Veeam Backup & Replication (VBR) software. VBR is a popular software product that can be used to back up, replicate, and restore data on virtual machines (VMs). 

How can I learn more?

24By7 Security

Fourth pic for May Healthcare Newsletter

Policies and Procedures Required by HIPAA

 

Policies and procedures are required by various provisions of the Health Insurance Portability and Accountability Act of 1996. The importance of policies and procedures is two-fold. First, they serve as mandatory written reference guides for employees of hospitals, medical centers, and other covered entities and business associates. Second, they form the basis for the employee training that is also mandated by HIPAA. 

 

Where can I get more information?

Fifth pic for May Healthcare Newsletter
 

A CISO'S Guide to Success in the First 90 Days

Join us for an interactive webinar as we have Henry Sanchez, the Director of IT at Life Extension, and Juan Carlos Hernandez, the PCI Practice Leader at 24By7Security, as they assume the acting roles of a CIO or main point in the IT Department and a new CISO entering an organization, respectively. Whether you're a seasoned CISO or new to the role, this webinar will provide practical insights and tips for building a successful cybersecurity roadmap within an organization's first 30, 60, and 90 days.

 

Secure your spot today!

24By7 Security

UPCOMING EVENTS

 

May 18, 2023

 A CISO'S Guide to Success in the First 90 Days Online Webinar

May 19, 2023

 HIMSS Golf Tournament Jacaranda Golf Course

May 25, 2023

 FICPA Healthcare Conference Loews Royal Pacific Resort

 

24By7Security, Inc. is a full service Cybersecurity strategy, implementation, operations and training firm. We provide Cybersecurity and Compliance related services across all functions of the enterprise. Our Cybersecurity services include security risk assessments, vulnerability assessments and penetration testing, social engineering testing, web application testing, policies and procedures, incident response management, forensics, cybersecurity awareness training, Virtual CISO Services, and more. Our Compliance services include CMMC Readiness, CFPB/DFA, FIPA, FERPA, SOC-SSAE 18, GLBA, HIPAA, PCI, SOX, GDPR, ISO 27001, FFIEC, NIST-CSF, NYDFS Cybersecurity Regulations and others.