Paubox blog: HIPAA compliant email made easy

Paubox Weekly: Trends for 2024: Paubox’s state of cybersecurity report

Written by Dean Levitt | December 29, 2023

Hello world,

Today’s Paubox Weekly is 533 words - a 2 minute read.

Want to get this type of content delivered to your inbox every Friday? Subscribe to Paubox Weekly. 

 

1. Trends for 2024: Paubox’s State of Cybersecurity report

Here is our 2023 year-end review, our predictions and the trends we expect to see in 2024.

What happened: This year, Paubox covered a range of breaking news events – from HIPAA violations and settlements to evolving cyberattack strategies.

Rising challenges to cybersecurity 

 

 

 

 

2. HHS: Social engineering and healthcare

According to the HHS, social engineering is the manipulation of human psychology for personal gain, often resulting in data breaches and significant threats to the health sector.

In the know: Social engineering attacks come in various forms, each with its own methods and objectives.

The phases of a social engineering attack

 

 

 

 

3. New ransomware alert released for Play Ransomware

The Cybersecurity and Infrastructure Security Agency (CISA) has released a security alert for the ransomware group known as Play.

Going deeper: Their ransomware model is considered double-extortion, meaning that they both encrypt data, making it difficult for the victim organization to use, and steal the victim’s data.

CISA’s recommended strategies

 

 

4. 5 Reasons to choose email over patient portals

HIPAA compliant email software offers accessibility, simplicity, and efficiency, making it a preferred choice for many in the healthcare sector.

Why it matters: Email's familiarity allows a wider range of patients, including older adults and those less comfortable with new technologies, to easily communicate with providers.

An invaluable tool in healthcare communication

 

 

5. ESO Solutions announces data breach impacting 15 hospitals

ESO Solutions, a company providing software products to healthcare organizations and fire departments, announced a breach impacting 2.7 million patients.

What happened: The attackers used a tactic called double-extortion; data was first exfiltrated and then the hackers encrypted several company systems.

ESO was able to utilize their backup systems

 

 

Community links

  • Mental health data and the dark web. Link
  • What is smishing? Link
  • Do medical representatives have to be HIPAA compliant? Link
  • MedStar proposes settlement following privacy breach. Link
  • GRC: Governance, Risk, and Compliance. Link
  • The GRC influence on healthcare. Link
  • What does the Advanced Research Projects Agency for Health (ARPA-H) do? Link
  • What is a web tracker? Link
  • Summary of the HHS cybersecurity planning document. Link
  • Brand impersonation in healthcare. Link

 

December HIPAA Breach Report

  • Network server breaches affected the most people in November 2023. 22,108,577 individuals had their data breached.
  • Other breaches were the second most common breach, with 115,930 people affected.
  • Email breaches affected 28,550 people, the third most common breach type.

Read the full breach report


Good reads from around the web

  • U.S. healthcare system braces for more tough times as disruptors continue their march to reform. Link
  • [VIDEO] Getting to patients in rural America and healthcare deserts via health IT. Link
  • Understanding de-identified data, how to use It in healthcare. Link
  • Preserving patient trust: Navigating healthcare’s identity challenge. Link
  • Should healthcare providers give law enforcement PHI when informally requested? Link