Altex Business Solutions Blog

Altex Business Solutions has been serving the Texas area since 1993, providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.

Study Finds Social Media Phishing Scams to Be the Most Dangerous

Study Finds Social Media Phishing Scams to Be the Most Dangerous

Ordinary fishing, where you hope for a simple-minded fish to latch onto your hook, relies on using a proper lure. The same can be said for the virtual method of phishing, where a hacker will use a similar type of “lure” to convince the target to bite. These phishing scams are especially useful for hackers who want to take advantage of social media to find new targets. A recent study has shown that this is a surprisingly effective method of phishing.

0 Comments
Continue reading

Alert: LastPass Vulnerability Found. Is Any Password Manager Safe?

Alert: LastPass Vulnerability Found. Is Any Password Manager Safe?

Thanks to one of Google’s researchers with the Zero Day Project, it has been discovered that LastPass has a major vulnerability as a result of a major architectural problem. This news comes on the heels of many other flaws the same researcher discovered within LastPass. However, based on what the researcher claims, these vulnerabilities were much less serious than his latest discovery.

0 Comments
Continue reading

Don’t Let HIPAA Audits, Ransomware Sink Your Practice

Don’t Let HIPAA Audits, Ransomware Sink Your Practice

Don’t Let HIPAA Audits, Ransomware Sink Your Practice

At the same time medical practices are faced with the increased likelihood of a HIPAA audit, hackers hover around waiting to steal patients’ personal data and/or hold it hostage through ransomware scams. These practices could easily sink in the perfect storm created by the confluence of these twin threats — especially if they are weighed down with tens of thousands of unsecured patients’ records.

Though they may have ignored earlier warning signs, medical practices should not be surprised by the escalating risk of being saddled with a HIPAA compliance audit. During the 2011 Phase 1 round of audits, the Office of Civil Rights (OCR) in the Department of Health and Human Services (HHS) found a significant percentage of medical entities had not performed a comprehensive security risk assessment.

On top of that, the Office of the Inspector General criticized OCR for not investigating a sufficient number of small data breaches or tracking all healthcare organizations found to be violating federal privacy laws —criticisms that could prompt stricter enforcement and steeper fines

At the same time medical practices are faced with the increased likelihood of a HIPAA audit, hackers hover around waiting to steal patients’ personal data and/or hold it hostage through ransomware scams. These practices could easily sink in the perfect storm created by the confluence of these twin threats — especially if they are weighed down with tens of thousands of unsecured patients' records.

Though they may have ignored earlier warning signs, medical practices should not be surprised by the escalating risk of being saddled with a HIPAA compliance audit. During the 2011 Phase 1 round of audits, the Office of Civil Rights (OCR) in the Department of Health and Human Services (HHS) found a significant percentage of medical entities had not performed a comprehensive security risk assessment.

On top of that, the Office of the Inspector General criticized OCR for not investigating a sufficient number of small data breaches or tracking all healthcare organizations found to be violating federal privacy laws —criticisms that could prompt stricter enforcement and steeper fines.

OCR is in the process of sending tens of thousands of emails to collect contact information on data security officers in medical facilities. While not all small practices may be subject to a review, the price for failing a HIPAA audit is steep. Earlier in 2016, OCR received two multimillion-dollar settlements from providers whose unencrypted laptops had been stolen. More than that, those practices could lose patients who are fearful about the potential theft of their personal information.

Continue reading

Is Ransomware Considered A HIPAA Breach?

Is Ransomware Considered A HIPAA Breach?

The topic of ransomware, especially ransomware hitting healthcare organizations, is making headlines daily. Dan Munro has a very good article over at Forbes that asks an important question:

Is Ransomware Considered A Health Data Breach Under HIPAA?

David Harlow, Principal – The Harlow Group, LLC, whose insight into HIPAA law I respect greatly, states:

Ransomware has just recently come to the fore as a threat to the healthcare industry and it challenges our collective instincts about what should be considered data breaches under HIPAA. We need to remember that HIPAA is narrowly drawn and that a breach is defined as the unauthorized “access, acquisition, use or disclosure” of PHI. In many cases, ransomware “wraps” PHI rather than breaches it. This may explain why there are so few public reports of ransomware in healthcare – there is no obligation to report these incidents to OCR

Continue reading

Latest Blog

A.I. is one of those technologies that captivates the imagination with endless possibilities. You can’t turn your head these days without using something integrated with early artificial intelligence. Machine learning platforms, which are v...

Contact Us

Learn more about what Altex Business Solutions
can do for your business.

Altex Business Solutions
10223 Broadway P231
Pearland, Texas 77584

Account Login