All Posts By

Siobhan Carroll

Penetration Testing - why you need it

Ransomware Advisory: Strategies for your Organization

By | Press/News, Home Page Recent
October 30, 2020

Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) recently updated their warning to hospitals about ransomware to include information about Conti, TrickBot and BazarLoader. The CISA Alert AA20-302A focused on Ryuk ransomware and said the federal government had “credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.”

Speaking with clients over the last two days, Intraprise Health discussed additional tactical things hospitals can do to further address preparedness. Read More

Intraprise Health and HITRUST Announce September 2020 Virtual Community Extension Program (CEP) Event

By | Press/News

Yardley, PA, September 10, 2020 – Intraprise Health, a leading provider of cybersecurity services, today announced a virtual Community Extension Program (CEP) event with top experts, including HITRUST®, a leading data protection and standards organization. Attendees will learn how to implement or improve their organization’s information risk management and compliance program.

The virtual event is conveniently hosted online as a three-part series, over the course of three weeks, beginning September 16. These CEP events are designed to promote education and collaboration with peers, as well as to help attendees learn how to adopt and leverage the various HITRUST programs and services to address common security and privacy challenges. Read More

The Benefits of HITRUST Certification

By | Articles, HITRUST Resources
Today, covered entities and business associates are addressing a wide-range of regulatory requirements necessary to solve the growing complexities in the healthcare industry. Evolving technologies, migration to the Cloud, and cyber threats like ransomware are just a few top-of-the-mind issues. Combine those with regulations under HIPAA, Meaningful Use, PCI, COBIT and ISO, and you will find that covered entities and business associates need a way to manage their security programs more effectively. Read More

Beebe Healthcare Launches COVID-19 Screening App 

By | Press/News, Home Page Recent

LEWES (July 22, 2020) – In an effort to provide COVID-19 screening for all, Beebe Healthcare has partnered with Intraprise Health to launch the Beebe Healthcare COVID-19 Screening Tool on both Apple Store and Android Google Play Store.

The app, now available, uses Center for Disease Control and Prevention evidence-based screening questions. Users can walk through the series of questions and then based on the finding – whether testing is recommended or not – they can self-schedule testing online or they can request a call from Beebe Medical Group representatives to schedule. Read More

Security Magazine

Third-Party Risk Management amid COVID-19 (featured in Security Magazine)

By | Press/News, Home Page Top

The COVID-19 pandemic has created an unprecedented impact on the healthcare community in the U.S. and throughout the world. It has forced an entire industry to think differently, innovate and adapt on the fly, and rethink their internal processes to support the spectrum of services they provide.

Long-standing, and seemingly well-established processes for procuring products and services are being reconsidered to meet the immediate and critical demand. Organizations must quickly engage with new third parties (vendors) and/or look to existing third parties for new products and services to respond to the crisis, all the while adhering to the required HIPAA Security and Privacy rules.

Even with the urgent need in the marketplace today for products and services, healthcare organizations cannot ignore third-party risk management (TPRM), which identifies and manages risks posed by third parties that provide software and services.

Read Intraprise Health’s article in the May issue of Security Magazine

Read More

HITRUST Assessments: Relying on the work of others

By | Articles

HITRUST has been a trusted framework since it was founded in 2007. It was created to champion programs that safeguard sensitive information and manage information risk. Intraprise Health is one of the first certified HITRUST assessors and is 100% healthcare focused.  We know the importance of ensuring organizations are secure in the highly regulated healthcare arena. With two seats on the HITRUST Assessor Council and one on the Quality Assurance Subcommittee, we work closely with HITRUST to ensure your organization receives an assessment and reporting option that is ‘rely-able’ for all stakeholders.

HITRUST recently released updated guidance for placing reliance on the results of previously performed audits, assessments, and inspections. These policy and methodology updates create opportunities for greater assessment efficiency and customer cost savings.

Read More

For the Record Magazine

Records for Ransom

By | Press/News

How should health care organizations react when kidnappers grab the goods?

Ransomware is a type of malicious software that infects computers, servers, databases, and managed service providers, encrypting data on the infected platform. The individuals behind the nefarious attack request a price, or ransom, from the organization in order to release the information. Generally, they do not provide the data decryption key until the ransom is paid. According to Verizon’s 2019 Data Breach Investigations Report, ransomware incidents accounted for more than 70% of all malware occurrences across the health care industry.

How an Attack Happens
“Often, when a computer or system is infected, a blue screen, or some other anomaly, will appear with a message about the ransomware,” explains Ryan Patrick, MBA, CISSP, CCSFP, senior vice president of security products and strategy at Intraprise Health. “The attackers need to be paid via cryptocurrency to release the records. Health care is specifically targeted, as the health care industry, unlike other industries, has been slow to adapt to the security industry. In 1996, HIPAA went into effect, but people really didn’t pay attention to cybersecurity until about 2015 when there was a big breach at Anthem.”

Read the article in For the Record Magazine 

Healthcare Payers: Scalability and Risk Management-Based Prioritization

By | Articles

April 2020

As healthcare payers surge to meet the increasing needs of their members and health system partners, their IT and security teams are gleaning some timely reminders that scalability and adoption of a risk management framework are critically important in times of crisis.

Scalability is a “muscle” that all security teams will need to strengthen throughout their enterprise security program because as the COVID-19 pandemic has shown we don’t know when or what aspect(s) of the program will be tested and to what degree. Scalability may not be as important during a one-time event, like a breach or malware attack – an organization can often address a specific issue head on. However, when there is sustained pressure or a fundamental shift that increases scope, it becomes critical that the organization have scalable processes and tools.

Read More

cybersecurity resources for healthcare

Resources for Healthcare Organizations During COVID-19 Pandemic

By | Articles, Home Page Recent

As COVID-19 changes the way many healthcare organizations are operatingIntraprise Health has been compiling a list of resources that we think will be useful to your organization.  Our team of cybersecurity experts has been fielding questions from clients on many of these topics Links to resources such as securing your work from home force, to newly relaxed HIPAA privacy rules and guidance from the Department of Homeland Security are included. 

We hope you find this information useful and will continue to update this list as our team adds more resources.   Read More

Penetration Testing - why you need it

When Requesting a Penetration Test- Do You Know What to Ask For?

By | Articles

As we continue to rely on the interoperability of our computer systems in our everyday lives, we must remember this interconnectivity comes with a priceThe ability to access devices remotely over the internet has created a new world of ease and freedom which can be manipulated by malicious actorsIt’s quite eye-opening in its simplicityIf a device is exposed on the internet it has the possibility of being compromised   Read More

We use cookies in order to give you the best possible experience on our website. By continuing to use this site, you agree to our use of cookies.
Accept
Decline
Privacy Policy