" breach Archives - Page 2 of 2 - LuxSci

Posts Tagged ‘breach’

3 Things You Can Do Now to Protect Against the Latest Hacker Attacks

Tuesday, June 13th, 2017

It seems like major hacks are always in the news. Whether it is the vicious WannaCry ransomware that swept across the world or the constant stories about Russian hacks, we are being bombarded by increasingly devastating online threats. If you want to help prevent your organization from becoming the next in a long line of victims, you really need to start paying attention to your cyber security efforts.

A solid defense requires a comprehensive security policy that measures your assets against their risks and adapts as these things change. While an overall plan is important, there are several things you can do right now to bolster your security and help prevent the latest attacks:

Hacking Protection

Read the rest of this post »

Are you Minimizing your Risk by using the Next Generation of Opt In Email Encryption?

Friday, September 11th, 2015

We have long held that leaving it to each sender/employee to properly enable encryption for each sensitive message (a.k.a “Opt In Encryption”) is too risky.  Why? Any mistake or oversight immediately equals a breach and liability.

Instead, LuxSci has always promoted use of “Opt Out Encryption,” in which the account default is to encrypt everything unless the sender specifically indicates that the message is not sensitive.  The risk with Opt Out Encryption is very much smaller than with Opt In.  (See Opt-In Email Encryption is too Risky for HIPAA Compliance).

The problem is: many companies use Opt In Encryption because it is convenient when sending messages without sensitive information — you just send these messages “as usual,”  without forethought.  These companies are trading large risks in return for conveniences.

LuxSci has solved the “Opt In vs. Opt Out” conundrum with its SecureLine Email Encryption Service.  You could say that SecureLine enables the “Next Generation” of Opt In Email Encryption — combining both usability and security.

Read the rest of this post »

WordPress for HIPAA and ePHI? Is that a good idea?

Tuesday, February 12th, 2013
For a deep dive, see our white paper: Securing WordPress

WordPress is an extremely popular content management system for both blogging and creating web sites.  It’s popular because it is quick to set up, easy to administer, has a very large supported base of add-ons, and looks good.  As a result, many LuxSci customers use WordPress in one fashion or another for their web sites hosted at LuxSci.

As we cater to a large segment of customers who have specific compliance needs, e.g. HIPAA compliance, we frequently are asked about using WordPress with ePHI … e.g. using WordPress to provide access to protected health information for members of the WordPress site.

Can this be compliant?  Is it a good idea?

Read the rest of this post »

Jump/Thumb Drives and PHI Don’t Mix

Friday, July 20th, 2012

It is very common for the staff of small and medium sized healthcare organizations to store patient data on USB Flash Drives (a.k.a. Jump Drives or Thumb Drives).  This is universally a bad idea and guarantees non-compliance with HIPAA.  Below, I will discuss why and suggest some alternatives to accomplish the same ends.

While this article discusses USB Flash drives in particular, the same arguments hold for all portable media — full sized USB hard drives, writable CDs and DVDs, laptops, etc.

Read the rest of this post »