Category Archives: Latest Posts

Custom Internet Services LLC Confirmed as HIPAA Compliant by Compliancy Group

Winfield, KS-based Custom Internet Services LLC, an Information Technology solution provider serving small- and medium-sized businesses and organizations, has been confirmed as having implemented an effective HIPAA compliance program by Compliancy Group. Custom Internet Services provides a range of IT services including cybersecurity, data protection, data backup, networking, web systems, and training. Many of the… Read More »

FBI Issues Warning About Increasing Egregor Ransomware Activity

The Federal Bureau of Investigation (FBI) has issued a Private Industry Alert about the growing threat of Egregor ransomware attacks. Egregor ransomware is a ransomware-as-a-service operation that was first identified in September 2020. The threat actors behind the operation recruit affiliates to distribute their ransomware and give them a cut of any ransoms they generate.… Read More »

Lake Region Healthcare Recovering from Ransomware Attack

Lake Region Healthcare in Fergus Falls, Minnesota is investigating a ransomware attack that was first detected on December 22, 2020. The attack impacted several of the healthcare provider’s systems and caused some disruption to normal operations at its locations in Fergus Falls, Battle Lake, Ashby, and Barnesville. Emergency procedures had been developed prior to the… Read More »

Vulnerabilities Identified in Innokas Yhtymä Oy Vital Signs Monitors

Two medium-severity vulnerabilities have been identified in Innokas Yhtymä Oy vital signs monitors which allow communications between downstream devices to be modified and certain features of the monitors to be disabled. The vulnerabilities affect All versions of VC150 patient monitors prior to software version 1.7.15. Vulnerable patient monitors have a stored cross-site scripting (XSS) vulnerability… Read More »

TigerConnect Acquires Critical Alert to Add New Capabilities to CC&C Platform

TigerConnect is about to add a range of new capabilities to its clinical communication and collaboration platform following the acquisition of the healthcare middleware provider Critical Alert. This is the second major acquisition by the Santa Monica, CA-based HIPAA-compliant text messaging platform provider in 2020, following the acquisition of Call Scheduler in the fall. Critical… Read More »

Compliancy Group Helps Miiskin Achieve HIPAA Compliance

Compliancy Group has announced that Miiskin has taken all necessary steps to prove its good faith effort to achieve compliance with the Health Insurance Portability and Accountability Act (HIPAA) Rules. Miiskin is an app and teledermatology platform provider whose solution is currently used by more than 500,000 individuals around the world to track skin changes.… Read More »

Email Breaches Reported by Mattapan Community Health Center and Prestera Center for Mental Health Services

Prestera Center for Mental Health Services, the largest behavioral health services provider in West Virginia, has discovered an unauthorized individual potentially accessed the protected health information of a small percentage of its current and former patients. An unauthorized individual gained access to Prestera Center’s business email environment which contained protected health information such as patient… Read More »

Warwick, RI-based Brightside Behavioral Health Achieves HIPAA Compliance with Compliancy Group

Compliancy Group has confirmed that Warwick, Rhode Island-based Brightside Behavioral Health has implemented an effective HIPAA compliance program. Brightside Behavioral Health provides high quality behavioral health services to support individuals and families in Rhode Island communities through awareness, education, and the treatment of behavioral health issues. As a provider of mental health services, Brightside Behavioral… Read More »

NSA Releases Guidance on Eliminating Weak Encryption Protocols

The National Security Agency (NSA) has released guidance to help organizations eliminate weak encryption protocols, which are currently being exploited by threat actors to decrypt sensitive data. Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols were developed to create protected channels using encryption and authentication to ensure the security of sensitive data between a… Read More »