Why did Lifespan Health face such a stiff HIPAA penalty for a stolen laptop? (publication)

Many thanks to HealthcareITNews for publishing my recent article, "Why did Lifespan Health face such a stiff HIPAA penalty for a stolen laptop?" HHS is trying to get companies to comply with the law and, more broadly, their obligation to protect the sensitive information that people have entrusted to them. We have handled numerous cases …

Helpful FTC Guidance on Cybersecurity for Small and Midsize Companies

It is important for all companies -- especially small and midsize companies -- to have a basic understanding of what the FTC considers to be reasonable cybersecurity. The FTC is known for being one of the more aggressive regulators investigating and bringing enforcement actions over (what it views as) inadequate cybersecurity by companies doing business in the United States. …

Allscripts EHR Ransomware Attack is Huge–How Will it Impact Healthcare Practices?

See recommendations below. On January 19, 2018, cybercriminals were successful in a ransomware attack on Allscripts, an electronic healthcare record (EHR) provider for healthcare providers across the United States. The attack encrypted some of Allscripts' systems and prevented those healthcare providers who use those systems for their EHRs from being able to access their patient records. Not …

Complimentary Webinar: Countdown to #GDPR – Compliance for Non-EU Companies

Countdown to GDPR Compliance is a complimentary webinar that I will be moderating on Thursday, December 7, 2017, at 12:00 PM Central. This is the second webinar in a three-part series sponsored by Mackrell International and will focus on Compliance for Non-EU Companies. You don't want to miss it! Moderator: Shawn Tuma. Presenter: Marta Stephanian, …

Invitation for 2 Webinars: Protecting Data Exchanged in Discovery and Securing IoT Data

I thought you may like an invitation to attend two complimentary webinars that I will be doing this coming week: YOURS, MINE, OURS: Protecting the Data Gathered and Exchanged in Litigation, Association of Certified E-Discovery Specialists (ACEDS) Monday, August 7, 2017 @ 12:00 CDT; Securing IoT Data: Compliance, …