Tag Archives: Healthcare

CISA Publishes Mitigation Guide to Combat Cyber Threats in the Healthcare and Public Health Sectors

If you need a little intellectual stimulation after hours of Thanksgiving turkey and football, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has just the thing — the new CISA Mitigation Guide for the Healthcare and Public Health Sectors.  This somewhat technical guide is a little dry, but it offers solid recommendations and sugested best practices to combat the pervasive cyber threats affecting the Healthcare and Public Health (HPH) Sectors.… More

Your Password Can’t Possibly Be This Bad, Can It?

NordPass (the purveyor of a password manager) has assembled a list of the top 20 passwords in healthcare, based on usage by the world’s largest companies.  According to NordPass’s analysis, the “top” 20 passwords are:

          1. 123456
          2. password
          3. part of the company’s name*
          4. 12345
          5. aaron431
          6. part of the company’s name2012*
          7. Part of the company’s name*
          8. PART OF THE COMPANY’S NAME443*
          9. company name2014*
          10. linkedin
          11. pass1
          12. company name*
          13. COMPANY NAME’S ABBREVIATION1*
          14. company name*
          15. 00000
          16. 1111
          17. company name*
          18. 1234
          19. Med
          20. company name*

Obviously,… More

FTC Likely to Continue Focus on Health Care Data

In recent years, the FTC has increasingly focused on protecting consumers’ access to healthcare, through both its competition and its consumer protection missions. Similarly, the FTC has become a force in federal privacy regulation, second only to the Office for Civil Rights of the Department of Health and Human Services. On occasion, the FTC’s priorities in access to health care and health information privacy have come together,… More

Law360: “HHS Data-Scrubbing Guidance Backs Strict Privacy Definitions”

Today’s Law360 addresses “HHS Data-Scrubbing Guidance” with quotes from me and others on the subject:

Clarifying the types of data that need to be removed from data sets can also help companies maximize the value of the information that they hold as the value of and ability to use this data for research and public health purposes increases, Foley Hoag LLP security and privacy practice co-chair Colin Zick added.… More