More HIPAA audits on the way, HHS official warns
December 12, 2024
HHS OCR has announced plans for new HIPAA compliance audits, last conducted in 2017, to assess providers’ cybersecurity and patient privacy practices. Smaller providers face rising digital threats as their tech stacks expand, making robust risk management critical. Learn how BlueOrange Compliance can help you prepare with expert HIPAA assessments and proactive cybersecurity solutions.
Key Tech Takeaways from the 2024 LeadingAge Annual Meeting
November 19, 2024
The 2024 LeadingAge Annual Meeting spotlighted cybersecurity, data analytics, and innovation in aging services. Key insights included enhancing cybersecurity through staff training and incident response, leveraging data to improve health outcomes, and adopting technologies like AI and remote monitoring to address workforce challenges. Explore how BlueOrange Compliance can help your organization stay ahead in these critical areas.
LeadingAge24: How Can Senior Care Organizations Protect Themselves from Hackers?
November 5, 2024
At LeadingAge24, experts stressed the need for a strong security culture and robust defenses as cyberattacks in healthcare grow costlier. Common vulnerabilities like phishing and AI-driven threats highlight the importance of staff training, penetration testing, and incident response plans. Discover how BlueOrange Compliance can help safeguard your organization.
Recent Orange Alerts
There has been a proof-of-concept (PoC) exploit for the CVE-2024-49113/CVE-2024-49112 vulnerabilities (the latter being rated critical). This vulnerability can crash any unpatched Windows Servers with Internet connectivity. This PoC was devised by SafeBreach…
Palo Alto has released a patch for the zero-day vulnerability CVE-2024-0012. This vulnerability can allow "an authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network…
CISA released an alert last week regarding a "foreign threat actor conducting a large-scale spear-phishing campaign with RDP attachments." The threat actors seem to be targeting those in IT and…
There has been talk of a zero-day Fortinet vulnerability (CVE-2024-47575) this week and those rumors have been confirmed. Fortinet released (LINK) a statement regarding the critical vulnerability in which threat actors…
Veeam recently acknowledged a critical vulnerability (CVE-2024-40711) which can allow remote code execution. A patch has been released, so it is critical any impacted systems are updated as soon as…
