The Latest News on Security, Privacy & Compliance
There are several privacy, security and compliance topics making headlines and trending across the healthcare IT industry. For example, new malware strains continue to develop, HIPAA issues guidance to for-profit companies handling PHI and medical device security continues to be a hot topic. Read our latest newsletter to catch up on some of the top headlines from around the industry and at CynergisTek.
Athenahealth, Allscripts Websites Down Amid Nationwide Hack

A recent malware attack against DYN servers caused websites to go down, among them Athenahealth and Allscripts. This article examines how those in the healthcare industry should prepare in case an attack like this is launched against their organization.
 

CynergisTek Rated Above All Vendors in KLAS Security Advisory Services Report

CynergisTek was the highest-rated firm healthcare providers rely on for security consulting and services in the KLAS report, Security Advisory Services: Which Firms Are Helping Providers Sleep at Night?, released last month. According to the report, CynergisTek's clients report the highest overall satisfaction and has the most clients who say the firm's work had a significant impact on security preparedness.
   

Sorting Out HIPAA vs. FTC Act Requirements

HHS recently issued guidance which reminds for-profit companies that they must comply with both HIPAA and FTC regulations if they collect and share PHI. This article discusses why some industry experts, including CynergisTek's David Holtzman, think that this guidance is too narrow.
 

Infographic: Effective Healthcare Compliance Programs

We recently released an infographic that details findings from HCCA's 2016 Compliance Effectiveness Survey and includes OIG's recommended best practices for healthcare compliance programs. 
 

Benefits of Hiring Veterans in the Healthcare Industry

In celebration of Veteran's Day, we asked several of our own veterans to describe how their military services helped prepare them for a career in healthcare privacy and security. We also included recent comments from our CEO Mac McMillan on the benefits he has found in employing veterans at CynergisTek.
 

When Business Masquerades As Social Conscience

In this blog post originally published in Healthcare Informatics, Mac McMillan discusses the ethics surrounding medical device security among both security researchers and manufacturers, as well as frustrations from healthcare providers seeking a solution. 
 

Cybersecurity: Are You Really as Prepared as You Think?

A recent IBM report found that IT leaders are confident in their security preparedness. In this article, Healthcare IT News asks industry experts whether they can truly be confident. Mac McMillan notes that healthcare's focus on educating users is only part of the solution.
 

A Tale of Two Sites: An Internet of Terrible Things

This blog post written by our Sr. Penetration Tester John Nye discusses the recent DDoS attacks on krebsonsecurity.com and the DYN DNS service, as well as ways to protect your organization from similar attacks.
 

IoT Botnet Strain Released, Successor to Massive Malware Attack on DYN

In this article, CynergisTek CEO Mac McMillan discusses a new malware strain able to override connected devices for use in DDoS attacks and how to protect your organization from these attacks.
 

Upcoming Educational Events
CynergisTek executives are speaking at several conferences during the remainder of the year, including HCCA's San Francisco regional event and the HIMSS Privacy & Security Forum. CynergisTek is also providing our free HIPAA Privacy and Security Workshops across the nation and will be announcing 2017 dates and locations later this month. Click here for more details on all upcoming educational events.

Thank you for reading this month's newsletter. Click here if you would like to see additional topics addressed in the future.