Consumer-grade file syncing services (CGFS) are prevalent, providing much needed access to our data. Many of us use some version of this service, such as Dropbox, every day to store and access Word docs, spreadsheets, and presentations, for instance. CGFS services evolve regularly to offer more storage, more security, and better backup and recovery support. … read more
“Could encrypting everything result in a more simplified strategy for security technology, saving costs and improving security posture now and in the future?” – Dave Shackleford, IANS Faculty Member and SANS Analyst
Under HIPAA regulations, organizations that create, receive, maintain or transmit electronic protected health information (ePHI) are required to protect the privacy and security … read more
“A recent U.S. government interagency report indicates that an average of 4,000 ransomware attacks happen daily, since early 2016. This is a 300% increase over the 1,000 daily ransomware attacks reported in 2015.” Source: HHS.gov.
Ransomware presents a very serious threat today. For organizations that work with electronic protected health information (ePHI), ransomware threatens not … read more
It’s that time again: conference planning season. Tech events are taking place all over the world—and while most technology-based conferences are designed to provide you with in-depth exposure to the latest in tech solutions, it can be difficult to decide which events to attend.
Some conferences provide high-level information but limited networking opportunities. Others provide … read more
CloudEndure, a disaster recovery solutions provider, released the results of its 2016 Disaster Recovery Challenges and Best Practices survey, demonstrating the gap between organizations’ goals and their reality. After collecting information from 141 IT professionals about their disaster recovery experiences, the top challenge among respondents was reaching goals with insufficient IT resources—due to budget and … read more
As of November 1, 2016, the PCI SSC (Payment Card Industry Security Standards Council) considers PCI DSS 3.1 officially retired. According to the PCI SSC, all retail businesses should implement the new regulations published in the Payment Card Industry Data Security Standards (PCI DSS) version 3.2. Businesses must take steps to comply with the new … read more
The RSA Conference in San Francisco, scheduled for February 12–17, is one of the world’s best cybersecurity gatherings. Every year, tens of thousands of attendees flock to the West Coast to hear the latest in industry innovations and solutions to cybersecurity issues. OnRamp will attend the five-day event at the Moscone Center and Marriott Marquis, … read more
This is the second in a two-part series on issues related to the IoT, BYOD and cybercriminal attacks on ePHI. We suggest started with part I if you have not read it.
The internet of things (IoT) includes personal mobile devices and wearables that employees and contractors use daily, inside and outside of the workplace. … read more
This year’s Healthcare Information and Management Systems Society (HIMSS) annual conference kicks off on February 19, 2017. The five-day conference, held at the Orange County Convention Center in Orlando, FL, focuses on education and networking for professionals in healthcare management, healthcare finance, and healthcare technology. It’s considered one of the top 10 health IT conferences … read more
Establishing clear business associate agreements are important for not only remaining HIPAA compliant, but for adequately safeguarding patient PHI. Sara Heath, HealthIT Security
In 2016, the Office for Civil Rights (OCR) put a spotlight on Health Insurance Portability and Accountability Act (HIPAA)-affected business associates (BAs). “A ‘business associate’ is a person or entity that performs … read more
Agility is at the core of next-level competitiveness in the modern globalized marketplace. Hybrid cloud environments give businesses the best of both worlds—the privacy/security of private cloud and the flexibility of the public cloud. An organization that knows how to use hybrid cloud technology to its advantage will enjoy long-term sustainability.
Beyond the Basic Benefits … read more
Organizations that work with electronic protected health information (ePHI) must carefully weigh the risks and benefits of adopting new technology. From the internet of things (IoT) in hospitals to wearable medical devices to bring your own device (BYOD) policies, each endpoint represents a potential network vulnerability. Avoiding the adoption of new technology is not the … read more
The completion of the SOC 3 audit demonstrates that OnRamp’s enterprise-class data center services meet the rigorous requirements associated with data protection and compliance.
AUSTIN, TEXAS.— OnRamp Access, LLC, a leading high security and compliant hosting provider, announced today the completion of a SOC 3 audit confirming that OnRamp’s solutions fulfill the necessary controls … read more
“In the last six years of conducting the [Ponemon] study, it’s clear that efforts to safeguard patient data are not improving,” says Dr. Larry Ponemon, chairman and founder, Ponemon Institute.
“The Sixth Annual Annual Benchmark Study on Privacy and Security of Healthcare Data” published by the Ponemon Institute in 2016, confirms what many who work … read more
One of the many information security challenges organizations face today is the variety of security policies they must create and follow. Most compliance requirements note the availability of policies— what they should include and how often they should be updated. Little to no information is provided, however, as to how individual policies impact or correlate … read more
“There are hidden costs for businesses that do not maintain a strong IT infrastructure. These may sometimes be intangible, but have the potential to adversely affect productivity and profitability,” says tech writer, Ben Rossi, in a recent Information Age article.
Protecting your organization’s sensitive data and developing an effective IT infrastructure has always been a … read more
I recently discussed the importance of letting your business requirements lead the strategy for your managed data storage in part I of this post, using use cases and workloads to illustrate how you can efficiently benefit from SAN and NAS storage. Now that we’ve reviewed the basics of developing your solution and touched on the … read more
In an increasingly competitive economy, being agile and having the ability to recover quickly drives technological development. Cutting-edge technology improves productivity, creates competitive advantages, enhances business continuity, and defines cybersecurity practices. As IT advancements create shifts in daily workflows and develop best practices, those who use state-of-the-art technology and adopt the right trends will benefit.
“The PCI Security Standards Council touches the lives of hundreds of millions of people worldwide. A global organization, it maintains, evolves and promotes Payment Card Industry standards for the safety of cardholder data across the globe.” – PCI Security Council
People use credit cards to make purchases online, over the phone and in stores for … read more
“…Data is the phenomenon of our time. It is the world’s new natural resource. It is the new basis of competitive advantage, and it is transforming every profession and industry. If all of this is true—even inevitable—then cybercrime, by definition, is the greatest threat to every profession, every industry, every company in the world,” said … read more