Support our online development, and advance our onground research initiatives in free market economics, as we seek to showcase the brightest Next-Gen minds.
THE ME-P DISCLAIMER: Posts, comments and opinions do not necessarily represent iMBA, Inc., but become our property after submission. Copyright © 2006 to-date. iMBA, Inc allows colleges, universities, medical and financial professionals and related clinics, hospitals and non-profit healthcare organizations to distribute our proprietary essays, photos, videos, audios and other documents; etc. However, please review copyright and usage information for each individual asset before submission to us, and/or placement on your publication or web site. Attestation references, citations and/or back-links are required. All other assets are property of the individual copyright holder.
Hacking – Web Encryption Technology [WET]
[By Staff Reporters]
A newly discovered bug in widely used Web Encryption Technology [WET] has made data on many of the world’s major websites vulnerable to theft by hackers.
BEWARE!
[An OpenSSL Hack]
LINK: http://money.msn.com/business-news/article.aspx?feed=OBR&date=20140408&id=17508701&ocid=ansmony11
More:
- The Heartbleed bug compromises EHRs: Physicians and patients beware
- http://news.msn.com/science-technology/how-to-tell-if-heartbleed-could-have-stolen-your-password-and-when-it%e2%80%99s-safe-to-change-it
Conclusion
Your thoughts and comments on this ME-P are appreciated. Feel free to review our top-left column, and top-right sidebar materials, links, URLs and related websites, too. Then, subscribe to the ME-P. It is fast, free and secure.
Link: http://feeds.feedburner.com/HealthcareFinancialsthePostForcxos
Speaker: If you need a moderator or speaker for an upcoming event, Dr. David E. Marcinko; MBA – Publisher-in-Chief of the Medical Executive-Post – is available for seminar or speaking engagements. Contact: MarcinkoAdvisors@msn.com
OUR OTHER PRINT BOOKS AND RELATED INFORMATION SOURCES:
- DICTIONARIES: http://www.springerpub.com/Search/marcinko
- PHYSICIANS: www.MedicalBusinessAdvisors.com
- PRACTICES: www.BusinessofMedicalPractice.com
- HOSPITALS: http://www.crcpress.com/product/isbn/9781466558731
- CLINICS: http://www.crcpress.com/product/isbn/9781439879900
- ADVISORS: www.CertifiedMedicalPlanner.org
- BLOG: www.MedicalExecutivePost.com
- FINANCE:Financial Planning for Physicians and Advisors
- INSURANCE:Risk Management and Insurance Strategies for Physicians and Advisors
Share this:
Filed under: Information Technology | Tagged: computer bugs, hack, heartBLEED bug, SSL, virus, Web Encryption Technology |
The Leading Business Education Network for Doctors, Financial Advisors and Health Industry Consultants 
Update on the Heartbleed bug
We are pleased to let you know that the ME-P was not impacted by the Heartbleed bug, a vulnerability that could be used to steal personal information online.
At the ME-P, your safety is our top priority, and it has been since we were founded way back in 2007. We’ve seen many security threats come and go over the last 7 years, and we work hard to ensure we maintain your trust and keep your information private, secure and safe.
iMBA Inc.
[The Management]
LikeLike
Heartbleed Bug Could Affect Healthcare Sites
Healthcare sites could be facing major security issues and yet-to-be-determined fix-it costs because of the latest encryption bug Heartbleed, health information technology experts agree. Possibly vulnerable healthcare sites include provider websites, physician and patient portals, secure e-mail services, medical monitoring devices, and remote-access PACS/RIS systems.
Basically, “anything that has built-in encryption capability across the Internet,” said Michael Mathews, president, chief operating officer and chief technical officer of CynergisTek, an Austin, Texas-based systems security firm that specializes in healthcare IT. “I’m not saying all of them are vulnerable,” he said. That depends on whether sites use the affected versions of what’s known as OpenSSL, software used to access encryption algorithms.
Source: Joseph Conn, Modern Healthcare [4/11/14]
LikeLike
The “Heartbleed” Hack
In what appeared to be the first report of an attack using a flaw in software known as OpenSSL, the Canada Revenue Agency (CRA) just said that about 900 social insurance numbers and possibly other data had been compromised as a result of an attack on its site.
http://news.msn.com/science-technology/canadian-charged-in-heartbleed-attack-on-tax-agency
Brawner
LikeLike
Need a risk to analyze to satisfy a HIPAA requirement before it’s too late?
For dentists putting together HIPAA risk analysis reports – which HHS has repeatedly promised will be the first document requested by OCR agents in an audit – don’t forget Heartbleed. (See: “Heartbleed HIPAA Documentation,” no byline, HIPAA for Small Providers and Business Associates)
http://smallproviderhipaa.com/2014/04/15/heartbleed-hipaa-documentation/
“For those who may need more explanation on Heartbleed, it is a very serious bug found in the software that has been trusted to make millions of transmissions secure on the Internet every second. The bug has been there for two years and there is no way to know if it has really been used as an attack method for sure.”
We must be aware that the information didn’t evaporate. The fact that someone has been sitting on this data for years tells me that the perpetrators are disciplined. I fear it could be the first round of state-sponsored cyberwarfare, and it silently kicked our butts long ago.
Regardless of the origin of the security threat, if being audit-proof wasn’t already tricky enough, Included in the article are a half-dozen more mind-numbing, unproductive tasks HIPAA covered entities are expected to perform according to their analysis.
So goes the saga
There is nothing holding down the cost of HIPAA compliance and who knows how much the bad guys have already won. For those storing patients’ identities on their computers, it’s only going to get worse. In my opinion, there are two choices: De-identify dental records or re-learn how to use a pegboard, ledger cards and carbon paper.
Dental History Fact for younger dentists learning about the profession: Carbon paper was named after Dr. Carbon, the “Father of Dental Occlusion.”
D. Kellus Pruitt DDS
LikeLike
Protecting medical practice data from Heartbleed
If you or your Web hosting provider have not yet patched the egregious flaw, we advise immediate action.
http://www.medicalpracticeinsider.com/best-practices/how-stop-heartbleed-hemorrhaging-practice-data?email=MARCINKOADVISORS@MSN.COM&GroupID=116654
Ann Miller RN MHA
LikeLike
More on Heartbleed,
For two years, the internet has been infected by a mysterious virus called “Heartbleed.”
“5 things physicians [and dentists] need to know about ‘Heartbleed’ – EHRs, patient portals, and networked computers could be at risk.”
http://medicaleconomics.modernmedicine.com/medical-economics/news/5-things-physicians-need-know-about-heartbleed#sthash.TLqAcVZ2.dpuf.
If not me, who will inform dentists of actions they should take to protect their patients from identity theft? If you are waiting for dentistry’s invisible leaders, they remain unresponsive. (But I don’t mind filling in while they get their priorities straight).
Poor security is an increasingly dangerous flaw in the “green” paperless dental practices Eco-Dentistry Association promotes. Nevertheless, even though Eco-Dentistry officials hide from consumers’ questions about cost and safety in order to save trees, I have no reason to believe that the environmental conflict of interest would cause them to intentionally hurt Americans.
So how about dentistry’s professional organizations?
I searched “Heartbleed” on the ADA.org website and came up empty. Nevertheless, I seem to remember a courageous warning about the bug in a dental publication, but I cannot recall where I saw it. It might have been the Academy of General Dentistry, or maybe it was a Texas Dental Association article… Or perhaps it was the Fort Worth District Dental Society which recognizes that like physicians, local dentists should be warned about the identity theft risk from Heartbleed, in spite of the ADA’s EDR-friendly “One-voice” policy.
D. Kellus Pruitt DDS
LikeLike
Serious Internet Explorer Bug Leaves Half of all Browsers Open to Hack
Microsoft is scrambling to fix a newly found bug in Internet Explorer, which leaves all versions of the browser open to potential attacks.
http://www.nbcnews.com/tech/security/serious-internet-explorer-bug-leaves-half-all-browsers-open-hack-n91281
Ann Miller RN MHA
LikeLike
Heartbleed and data breaches
The recent breach affecting 4.5 million patients is unlikely to be the OpenSSL bug’s last conquest, and probably not even the largest.
“Heartbleed Not Only Reason For Health Systems Breach – Community Health Systems’ bad patching practices are nothing compared to its poor encryption, network monitoring, fraud detection, and data segmentation, experts say,” by Sara Peters for Dark Reading.
http://www.darkreading.com/heartbleed-not-only-reason-for-health-systems-breach/d/d-id/1298157
Peters writes, “The CHS breach is being hailed as the biggest security incident Heartbleed has caused so far — at least the biggest one we know about.”
D. Kellus Pruitt DDS
LikeLike
“FBI Warning to Health Care Sector Holds True”
Re: Cyber Security – In April of this year, the FBI issued a Private Industry Notification (PIN) to the health care industry warning of the ‘likely increase [in] cyber intrusions against health care systems.
In the same month, and into June of this year; “A group of hackers originating from China were launching a cyber-attack on the records of Community Health Systems, Inc., a health system headquartered in Franklin, Tennessee and the second largest for-profit health system in the United States,” The National Law Review, August 21, 2014.
http://www.natlawreview.com/article/fbi-warning-to-health-care-sector-holds-true-re-cyber-security
D. Kellus Pruitt DDS
LikeLike
BASH
A newly discovered security bug in a widely used piece of Linux software, known as “Bash,” could pose a bigger threat to computer users than the “Heartbleed” bug that surfaced in April, cyber experts just warned.
http://news.msn.com/science-technology/new-bash-software-bug-may-pose-bigger-threat-than-heartbleed
So … BEWARE!
Brawner
LikeLike