Content Raven Blog

Maschino Hudelson Reminds Financial Firms Why Laptop Encryption Software Is Critical

Posted by Mike Peroni

Jul 22, 2014 7:12:00 AM

In May of 2014, roughly 5,500 people who either worked at or were clients of Maschino, Hudelson & Associates (MHA) – an Oklahoma-based financial planning firm that helps businesses set up benefit programs for employees –received a distressing letter in the mail. The first paragraph was enough to leave any recipient feeling concerned.

Read More

Topics: Laptop Encryption Software

Content Raven for Dropbox is Here!

Posted by Mike Peroni

Jul 15, 2014 9:00:00 AM


Read More

Topics: secure video sharing, secure file sharing, Box integration

HIPAA IT Compliance: When Mobile Device Carelessness Causes a Costly Breach in Healthcare

Posted by Mike Peroni

Jul 7, 2014 7:41:54 PM

If 2014 is any indication of things to come in the healthcare industry, then mobile security will be a high priority moving forward. The Office of Civil Rights (OCR) division of The Department of Health and Human Services has sent a clear message that companies will face stiff penalties if they experience a data breach due to lax security policies in regards to mobile devices.

The OCR made clear that HIPAA IT compliance is a top concern by issuing big fines. On April 22nd, OCR announced that it had reached settlements with Concentra Health Services, an urgent care services provider based in Louisville, Kentucky, and QualChoice Arkansas, a health insurance provider based in Little Rock, Arkansas. The two settlements amounted to $2 million and both companies ended up in the situation after it was determined that stolen laptops were found to have had insufficient protection for the companies’ data.

The Concentra Case

The Incident:
In late 2011, an unencrypted laptop was stolen from The Springfield Missouri Physical Therapy Center, a facility owned by Concentra. After reporting that the stolen laptop was used to access sensitive data, OCR launched an investigation into the matter.

The Discovery: Because of multiple risk analyses performed prior to the incident, it was determined that Concentra was made fully aware of the risk inherent with the company’s lack of encryption and protection on employee devices (including tablets, laptops, and medical equipment.) Concentra had put a plan in place to begin encryption protection, but never saw the process through to completion.

The Cost: For their disregard of security and patient privacy, Concentra was forced to pay over $1.7 million in fines.

 

The QCA Case

The Incident:
QCA made its breach report in 2012 after an employee’s laptop was stolen from a car. The laptop contained the personal health information of 148 people. This laptop was also unencrypted.

The Discovery: QCA was found to be in violation of several HIPAA requirements regarding Privacy and Security.

The Cost: $250,000 fine. QCA must also retrain all employees on cyber-security and compliance, and must submit an updated risk analysis and risk management plan.

The Implications within Healthcare
OCR wanted to send out a message with these rulings. Susan McAndrews, OCR’s Deputy Director of Health Information Privacy, said in a statement:

Covered entities and business associates must understand that mobile device security is their obligation. Our message to these organizations is simple: Encryption is your best defense against these incidents.

The Concentra and QCA cases reveal a troubling trend within the world of healthcare: an astonishing lack of security on devices. Verizon recently did a study into data breaches and discovered that 46% of all breaches occurred on unencrypted devices. Of that number, companies in the healthcare industry were among the worst offenders.

For many reasons, the healthcare industry has been stuck in a rut of lax security. There are some practical reasons for this, chiefly that doctors and nurses – often operating in fast-paced, time-sensitive situations – don’t want to restrict the flow of information through extra passwords and encryptions. However, because critical information is on the line in a modern era of unceasing digital attacks, the industry needs to change its ways in order to adapt to the times.

A Secure Option
One simple option for healthcare providers is to use a secure file sharing service that streams patient information rather than storing it on individual devices. With a snap-in API integration, file security can be added into workflow currently being used by practitioners to share information.

This type of security allows for:

  • Files, images and videos to be pinned to specific devices, guaranteeing that they will not fall into the wrong hands.
  • Remote wipes that delete critical files on demand, which would be invaluable in situations such as a lost or stolen device.
  • Restricted or disabled downloading, saving, printing and forwarding, to keep information from unauthorized sharing.

With OCR making it clear that healthcare companies need to be compliant, all companies in the industry need to make a concerted effort to protect critical information, if not for their customers’ sake, then for the sake of their own finances. It is time that the industry treats digital security as the serious issue that it is, and that all options towards solving these problems be explored.

Learn more about protecting your company’s devices with an easy API solution that adds a security layer to all digital distribution methods.

Read More

Topics: healthcare compliance, apple, HIPAA

Jay Z Elevator Video Raises Questions about Secure Video Streaming

Posted by Mike Peroni

Jul 1, 2014 9:00:00 AM

Video footage depicting the Jay Z and Solange elevator altercation attracted negative publicity to both the Carter/Knowles family and the Standard Hotel. However, while Jay Z and company have managed to put the incident behind them, the Standard Hotel’s lax internal security has drawn lots of questions that have gone unanswered.

What Happened?
In May, TMZ posted an iPhone video of an incident that occurred at the Standard Hotel in New York City. The video was recorded from the screen of the hotel’s security monitors and captured rapper Jay Z, Beyoncé Knowles, and R&B singer (and his sister-in-law) Solange Knowles in the middle of a physical altercation in a Standard Hotel elevator. Days later, the iPhone video was leaked to TMZ. From there, it became national headlines.

Video File Security in the Spotlight
The JayZ-Solange tape was sold by a Standard Hotel employee to TMZ for $250,000 and puts the issue of video file security workarounds square in the spotlight. Even if video files are shared “securely” via internal file sharing software, workarounds such as screen capturing can be used to capture sensitive company materials. In short, whether people are likely to receive a monetary reward or gain notoriety on social media sites, there is an incentive for people to share sensitive video content in an unauthorized manner. For anyone in charge of security at a company that maintains video files for revenue generating purposes, record keeping, employee training, or other purposes, this is a major concern.
Read More

Content Raven’s Box App is Here for Safe Sharing and Collaboration in the Cloud

Posted by Mike Peroni

Jun 24, 2014 3:35:38 PM

Read More

Topics: secure video sharing, secure file sharing, Box integration

Maintaining File Security at the World Cup

Posted by Mike Peroni

Jun 23, 2014 7:32:00 PM

June 12th marked the start of the World Cup, which is being hosted in Brazil this year. Hordes of spirited soccer fans made the trek to South America to watch the games live and in person. Attendees can expect to sample some of the local delicacies, take part in a few adventures in Rio de Janeiro, São Paulo, Fortaleza and other host cities, while catching a few epic games of soccer (or as the Brazilians call it, futebol).

But it’s not all work and no play. Many people headed to Brazil while toting a tablet or smart phone to help with tackling work projects and emails between snapping selfies and reading local reviews to find the best place to grab a caipirinha.

So while the World Cup is a showcase for world-class athletes, it’s also predicted to be a showcase for world-class hackers wielding world-class security threats.

Read More

Topics: secure file sharing, World Cup, file security

What’s the difference between file sharing in the cloud and a content control app?

Posted by Mike Peroni

Jun 17, 2014 9:30:00 AM

Sharing files, videos and other content through the cloud is convenient, but it’s not without risks. Most file share services don’t provide the security features needed to keep your sensitive data and information private.

That’s where a content control app comes in.

Read More

Topics: content control, secure file sharing

Snap-in DRM with an API: Much Easier Than You Think

Posted by Mike Peroni

Jun 3, 2014 1:53:00 PM

The Current State of File Security
The current state of file security is taking a hit as a result of cloud-based, consumer file sharing solutions and a growing trend towards BYOD work environments. As it stands, your organization’s IP and other sensitive data is anything but secure. You know it, and you know that the current system needs an upgrade.

Your company has a lot of employees, all using different devices to access company data at different times and places. If you’re the person in charge of keeping that data secure, this is obviously presenting a real challenge.

Read More

Topics: content security, secure file sharing

Don’t Miss the Webinar! Snap-In DRM for Air-Tight File Security

Posted by Mike Peroni

Jun 2, 2014 1:21:00 PM



Your employees, contractors and vendors are using their smartphones, tablets and other personal devices to share and collaborate on all types of files – from PDFs, Word docs and videos, to PowerPoint decks filled with your company’s precious IP.

The BYOD trend is here and appears to only be moving in the direction of widespread adoption, so if you’re the person responsible for content security and secure file sharing at your organization – you definitely need to register for the June 11th webinar.

We’ll be discussing upcoming trends and challenges in the secure file sharing space at the enterprise level, as well as solutions built to integrate seamlessly into whatever workflows your customers and team members are already accustomed to using.

Read More

Topics: content security, secure file sharing

Internal Leak Hits the New York Times

Posted by Mike Peroni

May 21, 2014 3:08:52 PM

On May 15, 2014, BuzzFeed published a story in its business section that spread like a wildfire across the internet. The headline read:

Read More

Topics: content control, secure file sharing

Follow Me

Subscribe to Email Updates

Posts by Topic

see all