tag:blogger.com,1999:blog-50460771742174560352024-02-07T11:13:06.539-06:00Peter Zubert's Tech Adventures - Identity Access GovernanceJoin Peter as he helps Business IT Leaders find solutions to their Identity and Access challengesAnonymoushttp://www.blogger.com/profile/16015345043103190691noreply@blogger.comBlogger300125tag:blogger.com,1999:blog-5046077174217456035.post-22118489113663180332016-09-06T14:15:00.001-05:002016-09-06T14:15:47.287-05:00Can't Stop the Ransomware - BankInfoSecurity<a href="http://www.bankinfosecurity.com/blogs/cant-stop-ransomware-p-2235?rf=2016-09-05-eb">Can't Stop the Ransomware - BankInfoSecurity</a>Anonymoushttp://www.blogger.com/profile/16015345043103190691noreply@blogger.com0tag:blogger.com,1999:blog-5046077174217456035.post-32901998092084948212016-09-04T20:08:00.001-05:002016-09-04T20:08:11.054-05:00Great phone os comparison Is it time to switch from iOS to Android?
http://flip.it/yyeddBAnonymoushttp://www.blogger.com/profile/16015345043103190691noreply@blogger.com0tag:blogger.com,1999:blog-5046077174217456035.post-74032005537247630482016-08-08T20:49:00.001-05:002016-08-08T20:49:50.266-05:005 Years of Under-investment in Cybersecurity - Infosecurity Magazine<a href="http://www.infosecurity-magazine.com/news/15-years-of-underinvestment-in/?utm_source=socialondemand">5 Years of Under-investment in Cybersecurity - Infosecurity Magazine</a>Anonymoushttp://www.blogger.com/profile/16015345043103190691noreply@blogger.com0tag:blogger.com,1999:blog-5046077174217456035.post-14222151650185768222016-07-31T10:27:00.001-05:002016-07-31T10:27:55.364-05:00Good starter listThe 18 apps you should use every day to be more productive
http://flip.it/0S7AKAnonymoushttp://www.blogger.com/profile/16015345043103190691noreply@blogger.com0tag:blogger.com,1999:blog-5046077174217456035.post-65671541463742652162016-07-27T10:22:00.001-05:002016-07-27T10:22:06.781-05:00Cybersecurity Experts Say Russia Hacked the Democrats - Bloomberg ViewInteresting. Hackers have many different motivating factors. They are coordinated. This why the Security community needs to work together, communicate and coordinate.<br /><br />
<br /><br />
<a href="http://www.bloomberg.com/view/articles/2016-07-25/cybersecurity-experts-say-russia-hacked-the-democrats?utm_campaign=socialondemand">Cybersecurity Experts Say Russia Hacked the Democrats - Bloomberg View</a>Anonymoushttp://www.blogger.com/profile/16015345043103190691noreply@blogger.com0tag:blogger.com,1999:blog-5046077174217456035.post-24308715842575942662016-07-05T09:47:00.001-05:002016-07-05T09:47:20.436-05:0011 signs your kid is hacking -- and what to do about it | InfoWorldI'm not worried about my kids but I could see how teens would be attracted to hacking. good info here.<br /><br />
<br /><br />
<br /><br />
<a href="http://www.infoworld.com/article/3088970/security/11-signs-your-kid-is-hacking-and-what-to-do-about-it.html">11 signs your kid is hacking -- and what to do about it | InfoWorld</a>Anonymoushttp://www.blogger.com/profile/16015345043103190691noreply@blogger.com0tag:blogger.com,1999:blog-5046077174217456035.post-48907734903335227552016-06-29T10:37:00.001-05:002016-06-29T10:37:22.102-05:00Envisioning the Hack That Could Take Down NYC -- NYMagFascinating and scary<br /><br />
<br /><br />
<br /><br />
<a href="http://nymag.com/daily/intelligencer/2016/06/the-hack-that-could-take-down-nyc.html?utm_source=socialondemand">Envisioning the Hack That Could Take Down NYC -- NYMag</a>Anonymoushttp://www.blogger.com/profile/16015345043103190691noreply@blogger.com0tag:blogger.com,1999:blog-5046077174217456035.post-1328455886428482022016-06-20T11:08:00.001-05:002016-06-20T11:08:57.974-05:00Beyond the data breach singularity - why your online identity may never be safe again | ZDNetHere is a great article about fraud and the current state of things. pretty scary!<br /><br />
<br /><br />
<br /><br />
<a href="http://www.zdnet.com/article/the-data-breach-singularity-why-your-identity-may-never-be-truly-safe-from-online-fraud-again/?utm_source=socialondemand&utm_medium=&utm_campaign=socialondemand">Beyond the data breach singularity - why your online identity may never be safe again | ZDNet</a>Anonymoushttp://www.blogger.com/profile/16015345043103190691noreply@blogger.com0tag:blogger.com,1999:blog-5046077174217456035.post-90164034347140496522016-06-16T09:22:00.001-05:002016-06-16T09:22:02.456-05:00All credentials are NOT created equal | CSO OnlineThis article talks about Privileged Credentials. Many companies start by protecting here because it seems the best choice. It really depends on what the goals of the business are and what the budget is.<br /><br />
<br /><br />
<br /><br />
<a href="http://www.csoonline.com/article/3080023/leadership-management/all-credentials-are-not-created-equal.html">All credentials are NOT created equal | CSO Online</a>Anonymoushttp://www.blogger.com/profile/16015345043103190691noreply@blogger.com0tag:blogger.com,1999:blog-5046077174217456035.post-131613068966457752016-05-27T10:49:00.001-05:002016-05-27T10:49:30.290-05:00Identity Management as a Business Enabler - HealthcareInfoSecurity<br /><br />
Here is a video that describes what my new job is about. I'm looking for making some changes to my blog. I hope you all will continue to follow me in my new role. Thanks for your patience while I work to transition my blog.<br /><br />
<br /><br />
<a href="http://www.healthcareinfosecurity.com/interviews/identity-management-as-business-enabler-i-3186">Identity Management as a Business Enabler - HealthcareInfoSecurity</a>Anonymoushttp://www.blogger.com/profile/16015345043103190691noreply@blogger.com0tag:blogger.com,1999:blog-5046077174217456035.post-90779998807101073872016-04-06T21:43:00.001-05:002016-04-06T21:43:29.949-05:00Great comparison Android vs iOS: how they compare
http://flip.it/vqmmsAnonymoushttp://www.blogger.com/profile/16015345043103190691noreply@blogger.com0tag:blogger.com,1999:blog-5046077174217456035.post-39883623276783857962016-04-01T23:11:00.001-05:002016-04-01T23:11:57.227-05:00Awesome application of tech.These bizarre floating solar panels are solving 3 critical problems
http://flip.it/BbP.BAnonymoushttp://www.blogger.com/profile/16015345043103190691noreply@blogger.com0tag:blogger.com,1999:blog-5046077174217456035.post-20681678063329403662016-03-30T23:59:00.001-05:002016-03-30T23:59:15.223-05:00Helpful list of ok Google commandsThe complete list of "OK, Google" commands
http://flip.it/KhVe0Anonymoushttp://www.blogger.com/profile/16015345043103190691noreply@blogger.com0tag:blogger.com,1999:blog-5046077174217456035.post-63706877547074611092016-03-28T12:25:00.001-05:002016-03-28T12:25:06.833-05:00Cool fitness techThe Hexoskin wearable fitness shirt is (almost) the workout buddy of my dreams
http://flip.it/mnAc9Anonymoushttp://www.blogger.com/profile/16015345043103190691noreply@blogger.com0tag:blogger.com,1999:blog-5046077174217456035.post-23825654381181275592016-03-26T15:32:00.001-05:002016-03-26T15:32:01.030-05:00Great overview of the top cloud providers Cloud wars: Google, Amazon and Microsoft battle to own the future of computing
http://flip.it/Z_0HvAnonymoushttp://www.blogger.com/profile/16015345043103190691noreply@blogger.com0tag:blogger.com,1999:blog-5046077174217456035.post-63108551640422909122016-03-23T12:28:00.001-05:002016-03-23T12:28:44.319-05:00Google's cloud business nabs Home Depot as clientThis is notable. Microsoft has really been pushing their Azure cloud to us. I've not been super impressed with the cost of using this product or their development of solutions for the SMB market. Amazon seems to be even more ambiguous. I hope as Google gains ground they create some better out of the box solutions.<br /><br />
<br /><br />
<a href="http://www.msn.com/en-us/news/technology/googles-cloud-business-nabs-home-depot-as-client/ar-BBqNKVx?ocid=spartandhp">Google's cloud business nabs Home Depot as client</a>Anonymoushttp://www.blogger.com/profile/16015345043103190691noreply@blogger.com0tag:blogger.com,1999:blog-5046077174217456035.post-71748685691572995292016-03-21T08:58:00.001-05:002016-03-21T08:58:42.161-05:00Minnesota Hires 5,500 Tech Workers In 2015, But Demand Outstrips Supply<br /><br />
One of the things I've noticed is that having great hiring practices can make a great company. At Veracity I've watched the natural flow of employees in and out of the organization. We have a high retention level and still we have some turnover. I've been impressed that we don't panic but make internal adjustments and then work on getting the right employee for the spot. We also have a comprehensive employee on boarding process. The end result of our hiring process is that our customers are not impacted by the ebb and flow of the Tech workforce. <br /><br />
<br /><br />
<a href="http://tcbmag.com/News/Recent-News/2016/March/Minnesota-Hires-5-500-Tech-Workers-In-2015-But-Dem">Minnesota Hires 5,500 Tech Workers In 2015, But Demand Outstrips Supply</a>Anonymoushttp://www.blogger.com/profile/16015345043103190691noreply@blogger.com0tag:blogger.com,1999:blog-5046077174217456035.post-68801742579431241412016-03-10T10:14:00.001-06:002016-03-10T10:14:03.428-06:00Some good basic security practices for the SMB<div dir="ltr" style="text-align: left;" trbidi="on">
Here is a re-post of a blog from my company Veracity. If you have these basic practices in place you are probably far ahead of most businesses out there.<br />
<br />
http://www.veracitytech.com/2016/02/09/secure-your-business-with-these-it-policies/?utm_medium=email&utm_campaign=March%20Newsletter%20Become%20better%20with%20these%20productivity%20tips&utm_content=March%20Newsletter%20Become%20better%20with%20these%20productivity%20tips+CID_f4482003b638967228a2c11f81a957de&utm_source=Pronto%20Email%20Marketing&utm_term=Read%20More</div>
Anonymoushttp://www.blogger.com/profile/16015345043103190691noreply@blogger.com0tag:blogger.com,1999:blog-5046077174217456035.post-42590001104897225632016-03-04T13:15:00.002-06:002016-03-04T13:15:39.660-06:00Helpful Information about HIPAA <div dir="ltr" style="text-align: left;" trbidi="on">
<div class="MsoNormal" style="background: white; line-height: 13.5pt; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="font-family: Arial, sans-serif;"><span style="font-size: 12px;">This is not my material but I like it. It's helpful basic info about how to approach HIPAA. </span></span></div>
<div class="MsoNormal" style="background: white; line-height: 13.5pt; margin-bottom: .0001pt; margin-bottom: 0in;">
<b><span style="font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman";"><br /></span></b></div>
<div class="MsoNormal" style="background: white; line-height: 13.5pt; margin-bottom: .0001pt; margin-bottom: 0in;">
<b><span style="font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman";"><br /></span></b></div>
<div class="MsoNormal" style="background: white; line-height: 13.5pt; margin-bottom: .0001pt; margin-bottom: 0in;">
<b><span style="font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman";"><br /></span></b></div>
<div class="MsoNormal" style="background: white; line-height: 13.5pt; margin-bottom: .0001pt; margin-bottom: 0in;">
<b><span style="font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman";">Technical Requirements You May Not
Understand</span></b><span style="font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman";"><o:p></o:p></span></div>
<div class="MsoNormal" style="background: white; margin-bottom: 6pt;">
<a href="http://www.hhs.gov/ocr/privacy/hipaa/understanding/srsummary.html" target="_blank"><span style="color: #4f81bd; font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman"; mso-themecolor: accent1;">HIPAA</span></a><span style="font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman";"> Compliance can be a mystery. It can be even more
mysterious when you don’t understand technology. When you dig deep and try to
understand the tasks and procedures you need to protect electronic data you are
likely to encounter technical terms—and IT buzzwords— that are confusing. Here
are some tips you can use to ensure that your technology foundation is secure
enough to support HIPAA compliance. Remember that HIPAA compliance is a
fundamental requirement for you to earn and keep your </span><a href="http://www.hrsa.gov/healthit/toolbox/HIVAIDSCaretoolbox/SecurityAndPrivacyIssues/howdoicomplywitmu.html" target="_blank"><span style="color: #4f81bd; font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman"; mso-themecolor: accent1;">Meaningful
Use</span></a><span style="font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman";"> incentive money.<o:p></o:p></span></div>
<div class="MsoNormal" style="background: white; line-height: 13.5pt; margin-bottom: .0001pt; margin-bottom: 0in;">
<b><span style="font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman";">Overview<o:p></o:p></span></b></div>
<div class="MsoNormal" style="background: white; margin-bottom: 6pt;">
<span style="font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman";">HIPAA protects any combination of something that can
identify a patient along with anything related to their diagnosis or treatment,
in any form– written, verbal, or electronic. The Security Rule provides a
framework for protecting electronic Protected Health Information (ePHI.) HIPAA
compliance was designed to be flexible enough to apply to health care
organizations of all kinds and sizes. Some HIPAA Security Rule requirements
are </span><a href="http://www.hhs.gov/ocr/privacy/hipaa/faq/securityrule/2020.html" target="_blank"><span style="color: #4f81bd; font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman"; mso-themecolor: accent1;">Required
and others Addressable</span></a><span style="font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman";">. <i>Addressable </i>specifications
are sometimes confused as being Optional, which is not true. The US Department
of Health & Human Services says <i>“<b>a covered entity must implement
an addressable implementation specification if it is reasonable and appropriate
to do so, and must implement an equivalent alternative if the addressable
implementation specification is unreasonable and inappropriate, and there is a
reasonable and appropriate alternative.”</b></i><o:p></o:p></span></div>
<div class="MsoNormal" style="background: white; margin-bottom: 6pt;">
<span style="font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman";">Our advice if you want to achieve HIPAA Compliance is to
assume that everything in the Security Rule is required, and you should set a
very high bar if you decide not to implement an Addressable item. If you
believe that an Addressable specification is not reasonable or appropriate, you
must document your decision and hope it stands up to a HIPAA audit or data
breach investigation.<o:p></o:p></span></div>
<div class="MsoNormal" style="background: white; line-height: 13.5pt; margin-bottom: .0001pt; margin-bottom: 0in;">
<b><span style="font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman";">Speak Geek?<o:p></o:p></span></b></div>
<div class="MsoNormal" style="background: white; margin-bottom: 6pt;">
<span style="font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman";">If you don’t understand the terms you should contact an IT
Managed Services provider to help you evaluate your network. When it comes to
surviving a HIPAA audit or data breach investigation, you need an IT
professional. Like the specialists doctors refer patients to, and the tests
that they order to see what is happening under a patient’s skin, your
technology must be evaluated by someone with the proper skills and experience,
who must look deep into your network to identify its strengths and weaknesses. Make
sure they understand the HIPAA compliance requirements you face. One way is to
ask if they employ a </span><a href="http://www.4medapproved.com/hitsecurity/hipaa-compliance-meaningful-use/www.4medapproved.com/education/courses_CHSP.html" target="_blank"><span style="color: #4f81bd; font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman"; mso-themecolor: accent1;">Certified
HIPAA Security Professional</span></a><u><span style="color: #4f81bd; font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman"; mso-themecolor: accent1;">.<o:p></o:p></span></u></div>
<div class="MsoNormal" style="background: white; line-height: 13.5pt; margin-bottom: .0001pt; margin-bottom: 0in;">
<b><span style="font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman";">Business-class operating system<o:p></o:p></span></b></div>
<div class="MsoNormal" style="background: white; margin-bottom: 6pt;">
<span style="font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman";">When you turn on a computer the first thing you encounter is
the operating system, usually Windows or Macintosh. What you may not know is
that there are different versions, some with little or no security built in to
save costs and keep prices low. Consumer versions of Windows and Macintosh do
not protect the files stored on the device, and do not allow you to securely
connect to a network. You need to have a business-class version of the operating
system and make sure it is properly set up to protect stored data and to
securely join a network. This means you should not be buying computers for your
network from retail stores that offer low-cost consumer products. Make sure you
achieve HIPAA compliance by purchasing professional models with business-class
security. Also, Windows XP will be losing its security updates in April, 2014,
which means that XP computers and medical instruments with imbedded XP
computers will no longer be HIPAA compliant and will be at a high risk of being
breached. Office 2003 is being retired and carries the same risks.<o:p></o:p></span></div>
<div class="MsoNormal" style="background: white; line-height: 13.5pt; margin-bottom: .0001pt; margin-bottom: 0in;">
<b><span style="font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman";">Business-class E-mail & Text
Messaging<o:p></o:p></span></b></div>
<div class="MsoNormal" style="background: white; margin-bottom: 6pt;">
<span style="font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman";">Webmail services like G-mail, Hotmail, Yahoo!, and those
provided by your Internet Service Provider (ISP) are not secure enough to send
Protected Health Information (PHI.) These services do not provide end-to-end
e-mail security, and the vendors will not sign Business Associate
Agreements. </span><a href="http://www.hhs.gov/ocr/privacy/hipaa/enforcement/examples/pcsurgery_agreement.pdf" target="_blank"><span style="color: #4f81bd; font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman"; mso-themecolor: accent1;">A
small medical practice paid a $ 100,000 fine</span></a><span style="font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman";"> for
using webmail and an online calendar for PHI. For HIPAA compliance you need to
use a secure e-mail solution provided by a secure server you own; a secure
Cloud e-mail or encryption service from a vendor that will sign a Business
Associate Agreement; or by using the secure communications tools included in
your certified Electronic Health Record (EHR) system. Faxes are OK between
practices and pharmacies, unless your system converts the fax into an e-mail,
which cannot be sent to a webmail account. TEXTING USING THE CELL CARRIER’S
SYSTEMS IS NOT SECURE OR HIPAA-COMPLIANT. NEVER TEXT PATIENT INFO AND MAKE SURE
YOUR ANSWERING SERVICE IS NOT TEXTING.<o:p></o:p></span></div>
<div class="MsoNormal" style="background: white; line-height: 13.5pt; margin-bottom: .0001pt; margin-bottom: 0in;">
<b><span style="font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman";">Secure Network Infrastructure<o:p></o:p></span></b></div>
<div class="MsoNormal" style="background: white; margin-bottom: 6pt;">
<span style="font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman";">There are two ways to set up a Windows network, a Workgroup
or a </span><a href="http://kb.iu.edu/data/aoup.html" target="_blank"><span style="color: #4f81bd; font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman"; mso-themecolor: accent1;">Domain</span></a><span style="font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman";">. A peer-to-peer </span><a href="http://compnetworking.about.com/cs/design/g/bldef_workgroup.htm" target="_blank"><span style="color: #4f81bd; font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman"; mso-themecolor: accent1;">Workgroup</span><span style="color: windowtext; font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman"; text-decoration: none; text-underline: none;"> </span></a><span style="font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman";">is a loosely connected group of workstations. A Domain is
centrally managed and includes security features. You cannot be compliant with
many HIPAA requirements like Information System Activity Review, Unique User
Identification, </span><a href="http://csrc.nist.gov/news_events/HIPAA-May2010_workshop/presentations/2-3-logging-auditing-mcmillan-cynergistek.pdf" target="_blank"><span style="color: #4f81bd; font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman"; mso-themecolor: accent1;">Audit
Controls</span></a><u><span style="color: #4f81bd; font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman"; mso-themecolor: accent1;">,</span></u><span style="font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman";"> and Person or Entity Authentication in a Workgroup. You
need a Domain. You may need to purchase a server, convert your existing server
into a Domain Controller, or create a secure network in the Cloud. A Workgroup
is a deal-breaker if you have any protected data anywhere other than your </span><a href="http://www.cms.gov/Regulations-and-Guidance/Legislation/EHRIncentivePrograms/Certification.html" target="_blank"><span style="color: #4f81bd; font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman"; mso-themecolor: accent1;">certified
EHR system</span></a><span style="color: #4f81bd; font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman"; mso-themecolor: accent1;">
</span><span style="font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman";">unless you have another way to log access and retain logs
for six years. Keep in mind all the old files you still must retain.<o:p></o:p></span></div>
<div class="MsoNormal" style="background: white; line-height: 13.5pt; margin-bottom: .0001pt; margin-bottom: 0in;">
<b><span style="font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman";">Encryption<o:p></o:p></span></b></div>
<div style="background: white; margin-bottom: 6.0pt; margin-left: 0in; margin-right: 0in; margin-top: 0in;">
<span style="font-family: "Arial",sans-serif; font-size: 9.0pt;">While
encryption is Addressable for HIPAA compliance, if you don’t have it and a
device containing health information is lost or stolen, you must notify
patients and report the loss to the federal government for an investigation. If
a lost or stolen device is encrypted you do not have to notify patients or the
government. You can purchase encryption for almost every type of computer. You
can even purchase laptops that automatically self-encrypt when you turn them
off or close the lid. In 2012 a </span><a href="http://www.hhs.gov/news/press/2012pres/06/20120626a.html" target="_blank"><span style="color: #4f81bd; font-family: "Arial",sans-serif; font-size: 9.0pt; mso-themecolor: accent1;">state health department paid a $ 1.7 million penalty</span></a><span style="font-family: "Arial",sans-serif; font-size: 9.0pt;"> for a lost
unencrypted hard drive. A </span><a href="http://www.hhs.gov/ocr/privacy/hipaa/enforcement/examples/meei-agreement.html" target="_blank"><span style="color: #4f81bd; font-family: "Arial",sans-serif; font-size: 9.0pt; mso-themecolor: accent1;">hospital paid a $ 1.5 million
fine</span></a><span style="font-family: "Arial",sans-serif; font-size: 9.0pt;"> for
a lost unencrypted laptop. In 2014 a health care provider paid $ 1.725 million
for losing an unencrypted laptop. Encryption costs a lot less than patient
notification and fines. <o:p></o:p></span></div>
<div class="MsoNormal" style="background: white; line-height: 13.5pt; margin-bottom: .0001pt; margin-bottom: 0in;">
<b><span style="font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman";">Passwords and Automatic Logoff<o:p></o:p></span></b></div>
<div style="background: white; margin-bottom: 6.0pt; margin-left: 0in; margin-right: 0in; margin-top: 0in;">
<span style="font-family: "Arial",sans-serif; font-size: 9.0pt;">Yes,
I know they are inconvenient and annoying. However, HIPAA compliance requires
audit trails to identify which user accessed patient records. For this reason
individual users must log on and off by themselves, and not allow sharing of
passwords or piggy-backing multiple users during a single session. </span><a href="http://www.hhs.gov/ocr/privacy/hipaa/faq/securityrule/2004.html" target="_blank"><span style="color: #4f81bd; font-family: "Arial",sans-serif; font-size: 9.0pt; mso-themecolor: accent1;">Automatic logoff</span></a><span style="font-family: "Arial",sans-serif; font-size: 9.0pt;"> is Addressable,
but the alternative choices are expensive and very inconvenient. While you do
not have to use Automatic Logoff, the alternative is to NEVER (ever) allow a
patient in the room with an unlocked computer. You would either have to have
the doctor wait in an examining room for each patient to arrive and stay until
they leave, or hire additional staff to NEVER (ever) leave a patient in a room
with an unlocked computer. There are ways to make logging back on more
convenient, like fingerprint readers and proximity cards. Accept the facts that
you need to have each user log in and out, and that automatic logoff must be
used. Like airport security and searches on the way into ball games and
concerts, Security is a new way of life.<o:p></o:p></span></div>
<div class="MsoNormal" style="background: white; line-height: 13.5pt; margin-bottom: .0001pt; margin-bottom: 0in;">
<b><span style="font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman";">Firewall<o:p></o:p></span></b></div>
<div style="background: white; margin-bottom: 6.0pt; margin-left: 0in; margin-right: 0in; margin-top: 0in;">
<span style="font-family: "Arial",sans-serif; font-size: 9.0pt;">Your
network is connected to the Internet by a router or a firewall. A router
directs traffic between two networks—your internal network and the Internet. A
firewall does the same, but includes security features to block unauthorized
traffic to achieve HIPAA compliance. A firewall can also filter Internet
traffic to prevent viruses and other malware from reaching your computers
(another HIPAA compliance requirement.) You need a business-grade firewall
including the additional subscription-based features to properly protect your
network. Recently </span><a href="http://www.hhs.gov/ocr/privacy/hipaa/enforcement/examples/isu-agreement-press-release.html.html" target="_blank"><span style="color: #4f81bd; font-family: "Arial",sans-serif; font-size: 9.0pt; mso-themecolor: accent1;">a $ 400,000 fine</span></a><span style="font-family: "Arial",sans-serif; font-size: 9.0pt;"> was paid when a
firewall stopped blocking unauthorized traffic and 17,500 patient records were
breached. You can probably figure out that a firewall costs a lot less than the
fine and the cost to notify the patients.<o:p></o:p></span></div>
<div class="MsoNormal" style="background: white; line-height: 13.5pt; margin-bottom: .0001pt; margin-bottom: 0in;">
<b><span style="font-family: "Arial",sans-serif; font-size: 9.0pt; mso-fareast-font-family: "Times New Roman";">Professional IT Staff or IT Managed
Services<o:p></o:p></span></b></div>
<div style="background: white; margin-bottom: 6.0pt; margin-left: 0in; margin-right: 0in; margin-top: 0in;">
<span style="font-family: "Arial",sans-serif; font-size: 9.0pt;">While
it may seem like fun for a doctor to manage your network in his spare time, or
a good role for his nephew, brother-in-law, or neighbor who can set up a home
network, HIPAA compliance requires either a full-time certified staff or a
Managed Services arrangement with a professional IT service provider. Managed
Service Providers (MSPs) offer remote services that continually monitor and
maintain your network at a fraction of the cost of a full-time IT staff.<o:p></o:p></span></div>
<br />
<div style="background: white; margin-bottom: 6.0pt; margin-left: 0in; margin-right: 0in; margin-top: 0in;">
<span style="font-family: "Arial",sans-serif; font-size: 9.0pt;">First,
networks that meet HIPAA compliance need to be configured with Security at
multiple levels in mind (firewall, PC’s, laptops, tablets, smart phones, and
servers.) Then they must be monitored and managed to ensure that Security is
still working. IT Managed Service providers use remote monitoring and
management tools to continually monitor your network, identify problems before
they can result in damage, and keep everything updated with security patches.
When the $ 400,000 was assessed for the firewall that stopped blocking
unauthorized traffic, the HIPAA enforcers noted that the problem was not
detected for over 10 months and that proper system activity reviews would have
alerted the medical practice much sooner. A Managed Services provider would
have likely been alerted immediately. Make sure any outsourced provider signs
a </span><a href="http://www.hhs.gov/ocr/privacy/hipaa/understanding/coveredentities/contractprov.html" target="_blank"><span style="color: #4f81bd; font-family: "Arial",sans-serif; font-size: 9.0pt; mso-themecolor: accent1;">Business Associate Agreement</span></a><span style="font-family: "Arial",sans-serif; font-size: 9.0pt;"> and implements a
HIPAA compliance program. Managed Services = HIPAA Compliance.<o:p></o:p></span></div>
<div style="background: white; margin-bottom: 6.0pt; margin-left: 0in; margin-right: 0in; margin-top: 0in;">
<span style="font-family: "Arial",sans-serif; font-size: 9.0pt;"><br /></span></div>
<div style="background: white; margin-bottom: 6.0pt; margin-left: 0in; margin-right: 0in; margin-top: 0in;">
<span style="font-family: "Arial",sans-serif; font-size: 9.0pt;"><br /></span></div>
<div style="background: white; margin-bottom: 6.0pt; margin-left: 0in; margin-right: 0in; margin-top: 0in;">
<span style="font-family: "Arial",sans-serif; font-size: 9.0pt;"><br /></span></div>
<div style="background: white; margin-bottom: 6.0pt; margin-left: 0in; margin-right: 0in; margin-top: 0in;">
<span style="font-family: "Arial",sans-serif; font-size: 9.0pt;"><br /></span></div>
</div>
Anonymoushttp://www.blogger.com/profile/16015345043103190691noreply@blogger.com0tag:blogger.com,1999:blog-5046077174217456035.post-15880785544063107932016-02-22T09:21:00.001-06:002016-02-22T09:21:29.845-06:00Good advice A Stanford psychologist says these 6 things are the keys to happiness and success
http://flip.it/H-NOoAnonymoushttp://www.blogger.com/profile/16015345043103190691noreply@blogger.com0tag:blogger.com,1999:blog-5046077174217456035.post-2433653055123400762016-02-13T15:20:00.001-06:002016-02-13T15:20:03.743-06:00Interesting strategy Microsoft's big plan for the Xbox One: Make it more like Microsoft Office
http://flip.it/ug-RrAnonymoushttp://www.blogger.com/profile/16015345043103190691noreply@blogger.com0tag:blogger.com,1999:blog-5046077174217456035.post-41232886421724796462016-01-13T10:01:00.001-06:002016-01-13T10:01:22.947-06:00ConnectWise IT Nation: 6 Takeaways For The Future Of MSPsBeing in the MSP business my regular question is "where is this industry headed?" It's nice to hear that Veracity is headed in the right direction.<br /><br />
<a href="http://www.trumethods.com/blog/connectwise-it-nation-6-takeaways-for-the-future-of-msps?utm_source=hs_email">ConnectWise IT Nation: 6 Takeaways For The Future Of MSPs</a><br /><br />
<br /><br />
The bigger issue is that our goal is to be world class. That means excellence and this is what gets me out of bed in the morning. Who wants to get up for average? not me. Never the less. The fear is that our business will evaporate with the growth of cloud services. I think that as long as people are the ones being served there will always be a need for managed services providers. It's just that the services being provided will change over time. 2016 looks to be a great year!Anonymoushttp://www.blogger.com/profile/16015345043103190691noreply@blogger.com0tag:blogger.com,1999:blog-5046077174217456035.post-28574437840871695982016-01-12T15:33:00.001-06:002016-01-12T15:33:53.421-06:00Modern Workplace - Great remote workplace video from Microsoft<div dir="ltr" style="text-align: left;" trbidi="on">
<a aria-label="Share link" class="ytp-share-panel-link ytp-no-contextmenu" href="https://youtu.be/ECGdi9QYNc4?list=PLClCBn7ebwvvZA68zHw34MFwpwY0i7oRg" style="background-color: rgba(0, 0, 0, 0.8); color: white; display: block; font-family: Roboto, Arial, Helvetica, sans-serif; font-size: 23.98px; height: 28px; letter-spacing: 1px; margin-top: 18px; outline: 0px; overflow: hidden; text-align: center; text-decoration: none; text-overflow: ellipsis; transition: color 0.1s cubic-bezier(0.4, 0, 1, 1); white-space: nowrap;" target="_blank">https://youtu.be/ECGdi9QYNc4?list=PLClCBn7ebwvvZA68zHw34MFwpwY0i7oRg</a></div>
Anonymoushttp://www.blogger.com/profile/16015345043103190691noreply@blogger.com0tag:blogger.com,1999:blog-5046077174217456035.post-30537338938727865482016-01-05T09:42:00.001-06:002016-01-05T09:42:57.709-06:00Under Armour and HTC built an entire fitness ecosystemI've had a Fit Bit for about 2 months now and I love it. What I really like is that the app integrates with "lose it" the calorie counting application I'm using. This will also be great this summer because Lose it integrates with "Strava" which is my cycling application which tracks my miles and calories. Well. it looks like UnderArmor and HTC have got this figured out with their new ecosystem. This is the type of thinking that works great when it comes to technology. The focus is health and fitness from a total coverage perspective. There are many factors that effect your ability to impact your fitness beyond just steps or calories. This is cool.<br /><br />
<br /><br />
<br /><br />
<a href="http://www.engadget.com/2016/01/05/under-armour-and-htc-built-an-entire-fitness-ecosystem/">Under Armour and HTC built an entire fitness ecosystem</a>Anonymoushttp://www.blogger.com/profile/16015345043103190691noreply@blogger.com0tag:blogger.com,1999:blog-5046077174217456035.post-75680181588507744652015-12-17T09:13:00.001-06:002015-12-17T09:13:35.289-06:00Insite Acquires Storyworks1I've had the pleasure of working with Storyworks1 for the past 2 years as they have grown. As our customer I really enjoyed our conversations because they definitely value technology as a strategic advantage in business. As they have been acquired by Insite they will no longer be using our services. Insite has their own internal IT. Of course we will stay in touch with them. As the organization evolves they may see a need to bring us back in. I'm really excited about these 2 companies. They are taking the evolution of data to the next level and enabling businesses to do more with tech. I can't wait to see what their product matures into.<br /><br />
<br /><br />
<br /><br />
<a href="http://www.insitesoft.com/press-releases/insite-acquires-storyworks1/">Insite Acquires Storyworks1</a>Anonymoushttp://www.blogger.com/profile/16015345043103190691noreply@blogger.com0