Techumen

Road Trip

techumen — Mon, 02 Apr 2012 21:24:33 +0000

We’ll be at the athenaHealth 2012 User Conference in Boston, presenting on “Security in the Age of HIPAA” as well as manning a booth. Stop on by if you’re attending.

A personal note

techumen — Fri, 10 Feb 2012 17:31:36 +0000

Your blogger got to see healthcare from the patient’s point of view this week, thanks to an emergency appendectomy. So this post won’t be disappointed commentary on the state of healthcare information security. Instead, I want to praise the staff at UCSF Medical Center, for there fantastic care-giving and for making the painful, uncertain, and unsettling process of surgery as pleasant and effective as possible. What could have been a horrible experience was not, thanks to their competence and compassion.

Run Silent, Run Deep

techumen — Mon, 23 Jan 2012 15:38:57 +0000

When we say “viruses are getting more sophisticated”, this is what we have in mind: Malware has been lurking on CCSF’s network for at “over a decade” , avoiding notice and quietly stealing data. It’s not the old days when malware made a visible splash and was easy to find. Today’s malware wants to avoid notice and provide a return to its authors, which means grabbing as much sensitive data as possible.

Coffee’s for closers

techumen — Wed, 18 Jan 2012 16:35:47 +0000

As we’ve mentioned before, the biggest threat to healthcare organization is not the wily hacker but the malicious insider. An Atlanta man was sentenced recently for some small scale corporate espionage. Cases like these are the reason we recommend providers review the activity on their systems, and see who has done what.

The costs of a data breach

techumen — Wed, 04 Jan 2012 18:44:09 +0000

There’s a case study in the NY Times recently on the costs of a data breach - in this case, a stolen laptop. Between staff time, lawyers, and other products/services, it came to $300K. That makes disk encryption a much higher ROI than typical for security projects.

This is potentially big

techumen — Mon, 10 Oct 2011 23:44:04 +0000

There’s a new exploit out there in SSL/TLS . This takes an old vulnerability and makes it easier to take advantage of. Be sure to upgrade your browsers regularly.

Ho hum, another one.

techumen — Fri, 30 Sep 2011 16:47:20 +0000

Another day, another breach, another unencrypted backup tape, another 4.9 million records lost. This is getting monotonous. Especially that all serious backup products offer encryption as a standard option.

Reasonable and Appropriate

techumen — Sat, 27 Aug 2011 20:47:35 +0000

Pete recently recorded a webinar for AboutHIPAA.com on “How to Implement Reasonable and Appropriate Controls in your organization”. The slides and audio are now online.

Security Risk Webcast

techumen — Thu, 28 Jul 2011 05:05:37 +0000

For those of you who missed Pete’s webcast at HITECH Answers, we’ll have a link to the recap in a day or so, as well as answers to the listener questions that couldn’t be answered due to time constraints.

Change those default passwords

techumen — Tue, 12 Jul 2011 16:50:01 +0000

The latest news from across the pond is that the British PM’s son’s medical records, among much other personal information, was cracked by tabloid reporters. Early report indicate that many victims hadn’t changed their default voicemail passwords. How many systems are on your network with the default passwords still in place?