Technology advertisements that cross ethical, legal lines

It's hard to tell fact from fiction in technology advertisements, says technology and security consultant Kevin McDonald. These irresponsible claims about a product's compliance or security capabilities can have ethical and legal consequences. …I can't tell you how many times [...]

Technology advertisements that cross ethical, legal lines2020-06-09T23:53:57-07:00

How is the New Apple iWatch just like the IBM PC?

If the IBM PC legitimized the PC market in 1981 and launched an explosion of sales and it created a whole new market, I predict the health-enabled Apple Watch will do the same.  Prior to IBM's entry into the PC [...]

How is the New Apple iWatch just like the IBM PC?2014-09-10T21:53:19-07:00

Unclear HIPAA rules permit healthcare data offshoring … for now

...Under the Final Rule, the OCR has the power to domestically deal out civil penalties, corrective actions and long-term monitoring, while the DOJ has the power to domestically deliver a criminal prosecution. Through enforcement under HITECH, the State attorneys general [...]

Unclear HIPAA rules permit healthcare data offshoring … for now2014-07-29T02:19:34-07:00

Electronic health records ripe for theft

The only difference in healthcare is that the large breaches have not gotten the sensational, but appropriate coverage credit card breaches have gotten.

Three other interesting quotes:

1.      As health data becomes increasingly digital and the use of electronic health records booms, thieves see patient records in a vulnerable health care system as attractive bait, according to experts interviewed by POLITICO. On the black market, a full identity profile contained in a single record can bring as much as $500.

2.      “Criminal elements will go where the money is,” said Wah, who was the first 

Electronic health records ripe for theft2014-07-15T01:03:09-07:00

HIPAA consulting and the channel’s ethical responsibility

Kevin is a featured writer for TechTarget.  Here is is latest column: _________________________________________________________ A few months ago, I wrote an article about the practice of non-attorneys consulting on HIPAA business associate agreements. After talking with scores of people about the [...]

HIPAA consulting and the channel’s ethical responsibility2020-06-09T23:54:19-07:00

HIPAA business associate agreement consultations could be unlawful

Here is a controversial article written recently by Kevin McDonald for TechTarget. ------------------------------------------------------------------------------------------------------------------------------------- Under federal law, the Health Information Portability and Accountability Act (HIPAA) Privacy Rule extends to a class of business entities (i.e., health plans, health care clearinghouses and [...]

HIPAA business associate agreement consultations could be unlawful2020-04-29T22:44:01-07:00

Is Antivirus Software Really Dead?

I am curious what Dye’s definition is for "cyber-attack?" One this is for sure, the motivation of hackers and malware has changed dramatically over the years. The threats are new and different today. Going back in history most malware was related to someone wanting cyber fame, making a political statement or just plain mischievousness. Now with the advent of ransomware, spam mailing bots and

Is Antivirus Software Really Dead?2017-11-13T07:30:06-08:00

Some Good Questions and Answers on Backup and Disaster Recovery

1. Where should small businesses start with disaster recovery, whether or not they already have a DR plan in place? What is the first question the small business owner needs to ask?

I recommend starting with determining RTO and RPO.  If the small business owner starts here he or she will be off to a good start with the DR plan.  What are RTO and RPO?

         RTO – Recovery Time Objective, the time between the disaster and when the system has been made operational again.  Why is this important?  Different businesses have different costs associated with

Some Good Questions and Answers on Backup and Disaster Recovery2014-04-29T23:01:20-07:00

Opportunities abound for providing HIPAA compliance services

As many security solution providers struggle to find compliance opportunities, there is a great opportunity in supporting compliance with the Health Insurance Portability and Accountability Act (HIPAA).Even though the comprehensive laws intended to protect patient and health care data are [...]

Opportunities abound for providing HIPAA compliance services2014-04-11T17:48:00-07:00

6 signs that you need a new IT strategy

1. Key IT constituencies are expressing dissatisfaction

2. Shadow IT is growing

3. Your IT strategy has diverged from the company strategy

6 signs that you need a new IT strategy2014-04-10T01:09:22-07:00