Pages
- Alliance Community Hospital
- Are you prepared for an OCR Investigation?
- Are you prepared for Promoting Interoperability Programs?
- Are you ready for an OCR Investigation
- Audit Readiness
- Blog
- BlueOrange Achieves HITRUST CSF Assessor Designation
- BlueOrange Announces Co-Authorship of Cybersecurity Whitepaper
- BlueOrange Announces Slice® Analytics Dashboard
- BlueOrange Incorporates NIST Cybersecurity Framework Standards into all HIPAA Security Services
- BlueOrange Introduces Full Array of Cybersecurity Services
- BlueOrange Introduces New HIPAA Privacy Services
- BlueOrange Introduces New Penetration Testing Services
- BlueOrange offers 8 tips for smart strategies with smart devices
- Case Studies
- Contact Us
- Contact Us
- Cyber Security
- Cybersecurity Solutions
- Do you know how to manage an OCR Investigation?
- HIPAA Compliance
- HIPAA Privacy, Breach & Security Solutions
- HIPAA Risk Assessment
- HITRUST Practical Solutions
- Home
- Home Draft Old
- implementation of HIPAA compliance
- Investigation Support Solutions
- Is your environment secure?
- Is your HIPAA security risk analysis adequate?
- Is your organization an easy target for a cyber-attack?
- Is your organization compliant with HIPAA Privacy, Breach and Security Regulations?
- Mather LifeWays
- Miami Jewish Health Systems
- News
- Northwestern Medical Center
- OCR Audit Prep
- Our Approach
- Penetration Testing
- Privacy Policy
- Problems We Solve
- Ransomware Resilience Assessment
- Ransomware Resilience Compliance PPC
- Ready to Get Started – Thank You
- Remedi SeniorCare
- Request A Consult
- Resource Library
- RiverSpring Health
- Security Event Information Management Solutions
- Sitemap
- Technical Testing Solutions
- Testimonials
- Thank You for Contacting Us for a Free Consultation!
- Thank You for Contacting Us to Help Start Solving Your Problem!
- Thank You for Scheduling an Initial Consultation
- Training Solutions
- Upcoming Trade Shows & Speaking Events
- What if your organization has a security breach?
- Why Us
- You probably have some compliance gaps but don’t know where to start
- You’ve done a risk analysis…what’s next?
Posts
- Don’t Forget About HIPAA Privacy!
- Healthcare IT Security- The Case For Penetration Testing
- Healthcare IT Cybersecurity
- Could Your Organization be the Next Ransomware Victim?
- Alexa in Senior Care Settings: HIPAA Considerations and Safeguards
- DiMaggio, Other Cybersecurity All-Stars Address Risks, Solutions at HIT Summit
- Your 6-Point Guide to Addressing Individuals Rights Under the HIPAA Privacy Rule
- Business Associates (BAs) are Essential to Healthcare Organizations
- Are You Ready for a Cyberattack? A Tabletop Test Can Tell
- Are Your Business Associates HIPAA Compliant?
- Notice of Privacy Practices
- Don’t Get Hooked by Phishing Attacks
- Business Email Compromise (BEC) – A Fast-Growing Scam!
- Fine on Mobile Device Loss in the Millions
- How Often Do I need a Security Risk Assessment?
- Office for Civil Rights fines Dental Practice for HIPAA Violation
- Don’t Forget About HIPAA Privacy!
- Annual OCR Breach Reporting Deadline Sneaking Up
- Are Your HIPAA Security Risk Analyses Good Enough?
- A Teleworking Policy Is a Must During COVID-19
- Steps to Avoid Teleconference Hijacking
- Phishing
- Implementing a Telehealth Policy During COVID-19
- The Unwavering Dedication of Nursing Home Workers
- Telehealth and Patient Consent
- Top 10 Routinely Exploited Vulnerabilities
- Guidance for Patients & Residents Using Telehealth Services
- COVID Phishing and Ransomware
- COVID-19 Resources and Topics
- Voice Control Devices and Remote Work
- Providing Devices for Patient or Resident Use
- Defending Against Remote Desktop Threats
- Remote Device Best Practices
- Work From Home User Concerns
- O365 Configuration Considerations
- Patching for Remote Users
- FAQs on Telehealth and HIPAA During COVID-19
- Reminders for Providers on HIPAA regarding Obtaining Consent and Notice of Privacy Practices
- Lost or Stolen Devices
- Top 3 Items for your Business Associate Agreement Tracker
- Must Haves in a Telework Policy
- Vulnerability Scans and Penetration Tests: What’s the Difference?
- Types of Phishing
- The Importance of Separation of Duties
- The Importance of Separation of Duties, cont.
- Least Privilege
- Access for Mobile Devices
- Security Awareness Training: What Should You be Covering?
- Monitoring Secure Areas in your Environment
- Incident Response Training: Is Your Team Prepared?
- Personnel Screening
- Access Agreements
- Personnel Transfers
- Personnel Termination
- “Position Risk Designation: What it is and how it keeps onboarding consistent”
- Media Sanitization
- Media Marking
- The Risks of Relay Authentication Attacks
- Mitigating the Risks of Relay Authentication Attacks
- Do you know who is visiting your facilities?
- The Impact of a Breach
- Where is your organization’s data?
- Policy and Procedure Review
- National Cybersecurity Awareness Month
- Ransomware Advisory
- Risk Analysis and Management is Worth It
- Terminating User Accounts
- As Ransomware Attacks Increase So Should Preparedness
- Mitigating the Password Spray Threat: Stopping Modern Hacks
- Phishing Attempts on the Rise
- Press Release: COVID-19 and Ransomware – a Nightmare Scenario That BlueOrange Compliance is Looking to Fix
- BOC Alert – SolarWinds Orion Platform SUNBURST Vulnerability
- The Importance of Multi-Factor Authentication
- OCR Cracking Down with HIPAA Right of Access Initiative
- The Designated Record Set
- Top 5 Security Threats of 2020 and What You Can do About It
- Law Requires HHS to Incentivize Security
- 5.1 Million Dollar Settlement for Data Breach
- HIPAA’s Minimum Necessary Requirement
- BOC Alert: SonicWall Zero-Day Vulnerability
- The Risks of Shared Passwords
- Upcoming Webinar: Analyzing the OCR HIPAA Settlements of 2020 – Tips, Pitfalls, and What To Avoid
- Secure Disposal of PHI
- Password Complexity Reminder!
- A Reminder to Keep Visitor Logs
- Penetration Testing with BlueOrange
- BOC Alert: Microsoft Exchange Server Zero-Day Vulnerability
- HIPAA Right of Access Initiative Continues!
- A Zero Trust Security Model
- Mobile Device Best Practices
- BlueOrange Webinar: Conditional Access – When Multifactor Authentication is Not Enough
- End User Phishing Reminder!
- Adopt a Clean-Desk Policy
- Security Awareness Training: What Should You be Covering?
- 21st Century Cures Act Final Rule Goes Into Effect
- HIPAA’s Right of Access Initiative Isn’t Slowing Down
- Vulnerability Scans and Penetration Tests: What’s the Difference?
- Incident Response Training: Is Your Team Prepared?
- The Ransomware Task Force is Calling for Action
- Industry Best Practices
- NIST is Asking for Input
- Upcoming BlueOrange Webinar: Workstation Compromised. Now What? – 05/27/21
- DarkSide Ransomware Group
- Top 3 Items for your Business Associate Agreement Tracker
- FBI Issues FLASH Alert Due to Ransomware Attacks on Healthcare Agencies
- MSTIC Alert on New Wave of Attacks
- Penetration Testing with BlueOrange
- The White House is Urging Corporate Business Leaders to Protect Against Ransomware
- Ransomware is Finally Getting the Necessary Attention
- Right of Access Initiative – Number Nineteen
- Cyber Insurance Carriers are Requiring Ransomware Prevention Measures
- Upcoming BlueOrange Webinar: Ransomware & Cyber Insurance – What is Changing and What do I Need to Know? – July 29th, 2021
- Mitigating the Risks of Relay Authentication Attacks – Reminder!
- BOC Alert: Microsoft Windows Elevation of Privilege Vulnerability
- BlueOrange Webinar: Ransomware & Cyber Insurance – What is Changing and What do I Need to Know? – July 29th, 2021
- BOC Alert – PetitPotam NTLM Relay Attack
- CISA Releases Alert on Top Exploited Vulnerabilities
- The Ever-Rising Importance of Access Control
- Security Awareness Reminder – Password Spraying
- CISA’s Urgent Warning to Patch ProxyShell Vulnerabilities
- The Rise of Hurricane-Related Scams
- PwnedPiper and the Threats Facing Healthcare
- The Secure Disposal of PHI
- Conti Ransomware Sparks Joint CISA, FBI and NSA Advisory
- Multiple Security Updates Released
- The Importance of Media Marking
- CISA Creates Known Exploited Vulnerabilities Catalog
- Guidance on Vaccine Status and HIPAA
- Terminating User Accounts
- Least Privilege
- BOC Alert – Upcoming Holidays Could Include an Increase of Cyberattacks
- Security Reminder – Reporting Security Incidents
- BOC ALERT – CRITICAL Apache Log4j Zero-Day Vulnerability
- Policy and Procedure Review Reminder
- The Difference Between Vulnerability Scans and Penetration Tests
- Upcoming Webinar: How Threat Actors are Gaining Access through Unresolved Log4Shell Vulnerabilities
- Right of Access Initiative has Reached 25 Settlements
- CISA – Layering Network Security Through Segmentation
- 2021 Trends Show Ransomware is an Increased Globalized Threat
- SAFER Guides: What You Need to Know
- Preparing for State Sponsored Russian Cyber-Attacks
- BOC Alert | PrintNightmare Vulnerability Being Exploited by Russian State-Sponsored Cyber Actors
- The DEV-0537 Okta Compromise
- What You Need to Know: Cyber Incident Reporting for Critical Infrastructure Act of 2022
- The PATCH Act of 2022 Introduced
- Reminder of CISA’s Vulnerability Catalog
- Executive and C-Suite IT Security Buy-in
- The BlueOrange Security Analysts
- The BlueOrange Project Coordinators
- BOC ALERT | MSDT “Follina” Vulnerability
- Security Reminder – Physical Security
- The BlueOrange Offensive Security Analyst
- Verizon’s 2022 Data Breach Investigation Report
- Recent Telehealth Guidance from HHS
- Switching to Modern Auth in Exchange prior to October 1st
- Microsoft August Updates
- Cyber Insurance is Cracking Down on MFA
- HHS Resources
- OCR Settles Case – Improper Disposal of PHI
- CISA’s #StopRansomware: Vice Society Alert
- Iran’s Cyberattack on Albania
