Data Security | Wellness Platform

Category Archives: Data Security

Healthcare Organizations Require HITRUST CSF Certification

Healthcare organizations such as Anthem, Health Care Services Corp., Highmark, and UnitedHealth Group now require that all third-party suppliers with access to healthcare data obtain CSF Certification within 24 months to demonstrate effective security and privacy practices. HITRUST estimates that an additional 7,500 organizations that do not currently have CSF Certification will be...
Read more

What Is HITRUST CSF Certification?

Founded in 2007, the Health Information Trust Alliance (HITRUST) was born out of the belief that information protection should be a core pillar of, rather than an obstacle to, the broad adoption of health information systems and exchanges. For more information, visit HITRUSTalliance.net. HITRUST, in collaboration with public and private health care technology, privacy,...
Read more

Responding to the Anthem Data Breach

You have no doubt seen news reports about the data breach suffered by health insurer Anthem. In this massive security breach, hackers were able to steal employee passwords and use them to access an Anthem database containing personal information about former and current customers as well as employees. Anthem has stated that data stolen includes...
Read more

Bash Shell Shock Vulnerability

Last week a serious vulnerability was announced affecting Unix and Linux based systems. This vulnerability, known as the "Shell Shock Bug," affects the Bash script interpreter found on many of these systems (including Mac OS). Officially referenced in CVE-2014-6271, the NIST Vulnerability Database rates this vulnerability as 10 out of 10 on the severity scale...

Read more

How Safe is Your Health and Wellness Data?

Health-related apps, web sites, digital devices, and social media provide exciting opportunities to support better health. And many employers and health plans are looking to integrate these options into wellness and population health management programs. But much of the health-related data they collect, and many of the organizations that collect it, are not covered by...
Read more

The Heartbleed Bug

By now you have probably heard the buzz around a security risk called Heartbleed that has been identified as part of the OpenSSL cryptographic software. The Heartbleed bug compromises the secret keys used to identify service providers and encrypt traffic when connecting over the Internet. If a computer system uses the vulnerable version of OpenSSL,...
Read more