Login 

Call Us Now:

Weston Technology Solutions Blog

  • Home
    Home This is where you can find all the blog posts throughout the site.
  • Categories
    Categories Displays a list of categories from this blog.
  • Tags
    Tags Displays a list of tags that have been used in the blog.
  • Archives
    Archives Contains a list of blog posts that were created previously.
Subscribe to this list via RSS Blog posts tagged in HIPAA

healthcareIT2The U.S. Department of Health and Human Services (HHS) has launched a revised breach portal (or “Wall of Shame” as it’s known in the healthcare industry). The newly designed tool can be found here. According to Healthcare Informatics, This redesign features improved navigation for both those looking for information on breaches and ease-of-use for organizations reporting incidents. What that means for you is that, yes, your life as a HIPAA security officer will be easier as you’ll be able to submit breach notices easier. However, as a clinic manager, it also means your patients can find breach notifications easier, making it easier to find out if you messed up or are currently under investigation by the Office of Civil Rights.

It’s best to keep yourself from ever being on the Wall Of Shame in the first place, and Weston can help. We have a variety of HIPAA-friendly services that will help secure your environment, train your employees, assess your compliance and vulnerabilities, and keep you from hopefully ever having to visit that site. 

Petya Ransomware Outbreak

Posted by on in Alerts

You may have heard about the Petya Ransomware attack that is currently affecting computer users worldwide, hitting at least 65 counties, according to NPR. You can read more about the Petya outbreak at HealthITSecurity, the patched security flaw that is being exploited, the government's CERT alert and the most tragic news: a Cadbury chocolate factory was shut down because of it.

As a Weston CompleteCare client, you have multiple layers of protection in-place to help prevent these types of things from bringing down your environment. These may include:

  • WestonBlock email protection helps prevent viruses, malware, and phishing attempts from reaching your inbox. 
  • Managed Antivirus that is constantly being updated to protect opening these types of files and blocking them if they try to attack.
  • OpenDNS content filtering protects you from accidentally loading an infected web site and prevents these types of files from "phoning home" to activate.
  • WestonShield firewalls help protect against malicious inbound and outbound traffic (and has had protection for variants of Petya starting over a year ago).
  • Managed patching services that make sure security patches to help protect you from these types of infections are installed properly and quickly.
  • A solid backup and business continuity device and plan in-place that protects your local and offsite backed up data and that alerts when backups show sign of malware. 

All that being said, this is yet another reminder to be extremely vigilant about what links you click on and what emails you open. Even if you get an email and attachment from someone that you know, if you were not expecting it, contact that person and make sure it was sent by them. Also avoid browsing to sites you don't recognize or follow links that are unfamiliar.

If you have any questions or are interested in hearing about how CompleteCare can help protect your business, don't hesitate to contact us.

WannaCry Ransomware Outbreak

Posted by on in Alerts

You may have heard about the WannaCry ransomware attack that affected computer users worldwide (see this BBC story for the full details along with some technical details at Bleeping Computer). If Weston patches your Windows systems as part of our CompleteCare or other managed patching services, we applied a Microsoft patch to your covered machines back in mid-March that will help protect your computer from this particular ransomware (we also forced the install of the patch recently for machines that hadn’t been online for a while). However, this is yet another reminder to be extremely vigilant about what links you click on and what emails you open. Backups and business continuity planning are also critical if you are infected (read our recent whitepaper for more information on the Business Guide to Ransomware).

Even if you get an email and attachment from someone that you know, if you were not expecting it, contact that person and make sure it was sent by them. Many of these attacks utilize software that will attempt to impersonate an email user and send an email to everyone in their contact list.

If you are a HIPAA-regulated environment (or even if you're not), we recommend reading our blog article on ransomware and HIPAA and the various ways you can help protect yourself

Backups are still the best way to protect yourself. If you do manage to get encrypted with early variants of WannaCry, don’t reboot your computer as the recently-released Wannakey tool might be able to get the encryption keys. The early versions of the malware were poorly written and had a kill switch that slowed things down from becoming a lot worse than it was (new variants have since fixed those flaws).

It's a brave new world out there, stay vigilant.

-- Your Weston Support Team

Have You Signed BAAs with your Vendors?

Posted by on in Security

healthcareIT2If you are a HIPAA-regulated business or deal with HIPAA-regulated industries, you really have to trust your vendors. A security breach at a vendor’s office may as well be a breach in your office, as far as HIPAA is concerned. You need to have a business-associate agreement (BAA) signed with those vendors. And if that vendor has no idea what a BAA is, you might want to reconsider your relationship with them, for your own protection. In a recent news story, an Illinois-based clinic was fined $31,000 because they didn’t have a BAA signed with a vendor hired to store paper records containing patients’ protected health information (PHI) (that vendor is the focus of other investigations). You can read the full cautionary tale here. If you need any assistance with your vendors or other HIPAA regulations, don’t hesitate to contact your local Weston office today.

hipaaYou’re probably familiar with Yelp (you can find us on there, both in Anchorage and Bend). It’s the leading crowd-sourced rating site for restaurants, hotels and just about anything else. It’s also host to healthcare reviews, and many physicians and clinics are on the site. Yelp gives you the option to reply to reviews, both positive and negative. What you need to be aware of, though, is that it could be a HIPAA violation if you reply to a review