Binary Code

Computers and other electronic devices store information as Binary Code (which is a series of 1s and 0s that might look like this: 10101001 01101100 11001010).
Network Topology Map

A Network Topology Map is a diagram of a computer network's components, including network access points and connections between its various parts.
Fake Anti-Virus Software

Fake Anti-Virus Software - also known as 'scareware' - is designed to trick you into buying worthless anti-virus protection that you do not need.
Domain Name System

The Domain Name System (DNS) is like the ‘telephone book’ of the Web – it translates a website's name into its corresponding numerical IP address on the Internet.
Social Engineering

A Phishing e-mail is an attempt to trick the recipient into giving up information, such as account, credit card or password information.
Data Encryption

Data Encryption is the intentional scrambling of information into unreadable form - until it is later converted back into its original form by the intended recipient.
Botnet, or Compromised Computers

A Botnet is a collection of computers compromised by a malware attack that can be controlled remotely (via the Internet) to attack websites, send out spam emails, etc.
Distributed Denial of Service Attack

A Distributed Denial of Service (DDoS) Attack can use a botnet to force a website, network or other resource to shut down by overloading it with requests for data.
USB Flash Drive

A USB Flash Drive, aka a 'stick drive' or 'thumb drive' is a portable data storage device which connects to a computer's USB port to send and receive data.
Electronic vs. Static Media

Static Media is something like a book, magazine or printed photo, while Electronic or Digital Media (websites, digital photos, etc.) requires power to be viewed.
Administrative Access

A user with Administrative Rights has unrestricted power to create, modify or delete files, folders, settings and programs on a particular computer.

Websites, Social Media and HIPAA — Do You Know the Requirements?

Posted on September 8, 2016 by The Security Advocate

By Stephanie J. Rodin, Esq.

In this article, I will discuss the requirements for websites & social media to be HIPAA-compliant.

As healthcare practitioners already know, the goal of the Health Insurance Portability & Accountability Act of 1996 (HIPAA) is to protect the privacy and security of Protected Health Information (PHI). One thing many do not realize is that HIPAA has some very specific rules about how to protect PHI on the Internet.

First, it is important to understand the terminology.

Covered entity: the health care practitioner

Covered service: the type of treatment that can be received from the covered entity

Covered benefits: why patients will be better if they receive treatment from the covered entity

If you, a covered entity, have a website which provides information about your covered service or benefits, your notice of privacy practices must be blatantly posted on the website, with a link to download the notice. If a complaint is made against you regarding a potential breach of HIPAA, one of the first things an investigator will do is look at your website, so it is very important to make sure the notice is conspicuous.
Read more ›

Tagged with: Compliance, Covered Entity, Healthcare Website, HIPAA, Social Media, Stephanie J. Rodin, Stephanie Rodin
Posted in Guest Posts, Privacy Issues

Tune In Tomorrow: Legal Ethics & the Risk of Mishandling Electronic Evidence

Posted on August 17, 2016 by Scott Aurnou

My new program for Lawline, Legal Ethics & the Risk of Mishandling Electronic Evidence, will be broadcast live at 12:30pm EDT on August 18, 2016 (and available on demand shortly thereafter). It will offer a comprehensive look at legal ethics and the risks associated with mishandling electronic evidence. Please feel free to tune in.

Here is the course description from the Lawline site:
Read more ›

Tagged with: CLE, Cyber Security, e-Discovery, Electronic Evidence, Information Security, Lawline, Legal Education, Legal Ethics, Legal Malpractice, Security Awareness
Posted in Laptops & Desktops, Smartphones & Tablets

Understanding HIPAA: Is Your Practice a Covered Entity?

Posted on August 15, 2016 by The Security Advocate

Understanding HIPAA: Is Your Practice a Covered Entity? by Stephanie J. Rodin, Esq.

By Stephanie J. Rodin, Esq.

Many healthcare providers are subject to the Health Insurance Portability and Accountability Act (HIPAA); however, these laws do not apply to everyone. HIPAA relates to covered entities or business associates acting on behalf of a covered entity, and the law is very particular on what falls into these categories.

A covered entity is any healthcare provider that transmits any Protected Health Information (PHI) in an electronic form in connection with a transaction for which the U.S. Department of Health and Human Services has adopted a standard. A healthcare provider includes any doctors, psychologists, clinics, dentists, chiropractors, nursing homes or pharmacies. In today’s age of technology, there is an increased chance that a healthcare provider will be transmitting this type information electronically, especially to third party insurance carriers, and thus is covered under the act.

However, a self-pay practice that operates without any insurance – i.e., the patient is providing payment by credit card, check or cash – may not be considered a covered entity pursuant to HIPAA.

It is imperative that every healthcare practitioner understand whether HIPAA applies to their practice and to then ensure that they are compliant with the rules and regulations.
Read more ›

Tagged with: Compliance, Covered Entity, Stephanie J. Rodin, Stephanie Rodin
Posted in Guest Posts, Privacy Issues

Coming Soon: Data Protection, Security & Legal Ethics

Posted on July 16, 2016 by Scott Aurnou

My new program for Lawline, Data Protection, Security & Legal Ethics, will be broadcast live at 10am EDT on August 18, 2016 (and available on demand shortly thereafter). It will offer a comprehensive look at legal ethics and information security concerns affecting law firms and businesses now. Please feel free to tune in.

Here is the course description from the Lawline site:
Read more ›

Tagged with: CLE, Cyber Security, Information Security, Legal Education, Legal Ethics, Legal Malpractice, Security Awareness
Posted in Laptops & Desktops, Network Security, Smartphones & Tablets

Cyber Security Explained: Baiting

Posted on December 10, 2015 by Scott Aurnou

Baiting involves a piece of portable electronic storage media like a CD, laptop or USB stick drive left at or close to the target’s workplace in order to tempt the curious victim into seeing what’s on it. In effect, the CD, stick drive, etc. is the worm on the fishhook. You’re the fish.

If you enjoyed this video, you can see more on TheSecurityAdvocate YouTube channel.

Tagged with: Business Threat, Cyber Crime, Cyber Threat, Fraud, Hacker Tricks, Scams, Security Plain English, Social Engineering
Posted in Fraud & Scams, Network Security, Security Tip of the Week

RT @JimBlasingame: How the government cyber-security forces guard the U.S. election. @saurnou joins Jim to report on how the #government #c… 01:44:47 AM December 06, 2020 from Twitter Web App Reply Retweet Favorite
RT @AndreiCherny: A family of Muslim immigrants from Turkey newly arrived in Germany. The boy in the yellow t-shirt went on to lead the te… 01:43:10 AM December 06, 2020 from Twitter Web App Reply Retweet Favorite
RT @_marcba: Developers can be cruel sometimes https://t.co/kpYvO9aZsu 03:46:39 PM June 29, 2020 from Twitter Web App Reply Retweet Favorite

@saurnou