Healthcare Cybersecurity News

QI’s Experts talk Cyber, HIPAA Compliance, and everything you need to know to keep your patients safe.

Risk and Management: Making The Case

May 02, 2018 | PHI Security

We spend significant time discussing important items to do and things to consider in securing Protected Health Information (“PHI”). This assumes one..

Granting and Revoking Access to PHI

Apr 19, 2018 | PHI Security

Effective access control is a fundamental part of securing Protected Health Information (“PHI”). Access control is essentially giving access when and..

What To Do With Unexecuted Business Associate Agreement

Transferring PHI without an executed Business Associate Agreement ("BAA") has become a point of intense focus for federal regulators, and one from..

Storing PHI Offshore

A fundamental aspect of risk management and HIPAA compliance is knowing where the Protected Health Information (“PHI”) you create, store, maintain, or..

How To Properly Dispose of ePHI

The proper destruction of electronic Protected Health Information (“ePHI”) is often overlooked and, if done improperly, can lead to impermissible..

When an Initial Attack May Be Just the Tip of the Iceberg

Recent events indicate what we have long suspected; attackers often target the same organizations again after a successful attack. This exact scenario..

Annual Breach Notification Deadline Approaching


If you had a breach in 2017 that affected less than 500 individuals, the deadline to notify the U.S. Department of Health and Human Services (“HHS”)..

How To Protect Against Snooping

Snooping of Protected Health Information (“PHI”) is perhaps one of the largest causes of breaches.  Some studies estimate a quarter of all breaches..

The Growing Interest In Access

Jan 11, 2018 | PHI Security

Having patients access their health records has important clinical benefits, which is a significant reason why it is a right patients are provided in ..

Where In The Cloud Is Your PHI?

Do you know exactly where that PHI is stored by the cloud provider?  In some instances the cloud storage vendor might store, backup, or process the PHI..