On April 1, 2020, Microsoft issued a specific warning to health care entities alerting them that they are at particular risk during the COVID-19 crisis, as threat actors are using the pandemic to take advantage of vulnerabilities while hospitals are focused on responding to the crisis. According to Microsoft “[D]uring this time of crisis, as … Continue Reading
On March 24, 2020, the U.S. Department of Health & Human Services (HHS) Office for Civil Rights (OCR) issued new HIPAA guidance to help providers and first responders in its efforts to combat the COVID-19 pandemic. OCR’s guidance addresses when HIPAA allows disclosures without patient authorization of identifying health information to first responders – such … Continue Reading
The scammers know that most of us are working from home and are trying to use this to their advantage. The robocalls have increased, and telemarketers are calling more frequently, but with a new twist—preying on fears of consumers about coronavirus. I am on the Do-Not-Call list, yet I am still getting many unwanted robocalls. … Continue Reading
For those of us who work outside of the home during normal times, we know when we are home on the weekends not to answer our home telephone unless we recognize the number or caller. The same is, of course, true for our mobile phones. If the caller is someone we know, they will leave … Continue Reading
Recently businesses and advertising trade groups wrote a letter to the California Attorney General Xavier Becerra to request delayed enforcement of the California Consumer Privacy Act (CCPA) as a result of the COVID-19 global pandemic. The letter cited the current health crisis as a result of COVID-19 and a state of national emergency as the … Continue Reading
Despite the fact that the hackers behind Maze ransomware previously promised not to hit medical organizations during the coronavirus pandemic, it recently attacked a British medical lab that is slated to test COVID-19 vaccines during the pandemic. The Maze hackers previously said publicly that it would “stop all activity versus all kinds of medical organizations … Continue Reading
On March 20, the U.S. Department of Health and Human Services (HHS) issued additional guidance in the form of Frequently Asked Questions (FAQs) on HIPAA and telehealth services to help providers furnish care during the COVID-19 pandemic. The FAQs follow and provide further information on the Notification of Enforcement Discretion issued by HHS on March 17 (Notification), … Continue Reading
Evil doers know that the best time to attack is during a crisis or a time of vulnerability. As the United States, and specifically, the Department of Health and Human Services (HHS) attempts to respond to and get ahead of the COVID-19 pandemic in the U.S., hackers, likely from a foreign enemy nation state, ramped … Continue Reading
In response to the coronavirus crisis, many companies have mandated that employees work from home in order to assist in slowing the spread of the virus. With more employees working from home, and a wider network to protect, security experts are warning companies to be vigilant with security measures. In addition, it is widely reported … Continue Reading
Acknowledging the “additional challenges” on health care providers following the outbreak of COVID-19, the Department of Health and Human Services (HHS) recently issued several waivers for covered entities to address the need to share patient information after the President declared a national emergency concerning COVID-19. One of the waivers issued by HHS is to “waive … Continue Reading
The COVID-19 virus is having an unprecedented effect on all aspects of our daily lives, and has hit the educational system especially hard with forced closures and cancellations. Because educational institutions play such a vital role in our communities, the Department of Education (DOE) recently issued guidance in the form of Frequently Asked Questions (Guidance) … Continue Reading
The conference I was supposed to speak at next week was just cancelled, as many are and will be, due to coronavirus concerns. The topic was “Insider Threats and How to Mitigate Them.” One of the points I was going to make was that insider threats, both malicious and unintentional, are an ongoing and serious … Continue Reading
Our firm is a proud member of the International Association of Privacy Professionals (IAPP), as are those of many of my colleagues in the industry. I attend the IAPP Global Privacy Summit every year, and have done so since (I think) 2004. Yikes. Back in the early days, hundreds of individuals attended the conference in … Continue Reading
The Office of Civil Rights (OCR) last month provided guidance and a reminder to HIPAA covered entities and their business associates regarding the sharing of patient health information (PHI) under the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule during an outbreak or emergency situation such as what we are all facing right now … Continue Reading
The coronavirus—or COVID-19—has health care experts scrambling, and has caused global concern for health and well-being due to its rapid spread throughout many countries, including the United States. A scare like this is the perfect opportunity for scammers and fraudsters to prey on well-intentioned people. Unfortunately, during this global health care concern, criminals are using … Continue Reading
