ControlScan Blog


Stay informed with the latest security + compliance updates, news and best practices.



April 13, 2018Published by

As a security consultant, I’ve been in a lot of hospitals, clinics and practices—and I’ve seen a lot of “worry” over the cybersecurity threat landscape. I’d like to see more of this worry translate into action, because it’s just not happening.Other than worry, what can healthcare institutions and their IT/IS leaders do to protect electronic personal health information (ePHI)? I have been part of three major healthcare breaches and post-breach forensics revealed that two of them could have been limited in scope if they had been actively monitoring and alerting to changes inside their IT networks.

  Read More   


January 26, 2018Published by

This morning I read that Apple is letting you keep your medical records on your iPhone or Apple Watch and it got me thinking: How secure will this data be? How well will people work to protect their personal health data? I am a cybersecurity guy and I am a skeptic, so let me give you some facts and then some things to think about.

  Read More   


January 13, 2017Published by

It’s Friday the 13th and there’s a “fear factor” in health IT. If you don’t know where your HIT organization’s security and compliance weaknesses lie you’re likely feeling that fear—today and every day.But don’t try to fight off cyber criminals with monster spray! Read this blog post and learn how to arm your organization appropriately.

  Read More   


October 25, 2016Published by

Countless healthcare organizations have been targeted recently by cyber attacks, and many were caught with little to no IT security safeguards in place. The most frustrating thing is that it could have been prevented if proactive security measures had been taken.

  Read More   


September 26, 2016Published by

Establishing a strong foundation of patient data security involves surrounding your healthcare organization with the right team of people. Here are five people you want on your side when it comes to fighting data breaches and ransomware.

  Read More   


        Featured        

June 3, 2016Published by

2015 became known as “the year of the healthcare breach,” with healthcare hit hard and representing over 39 percent of known breach events. Healthcare organizations of every size are realizing they can no longer afford to ignore the risks they are exposed to on a daily basis. It’s critical that today’s healthcare organizations protect patient […]

  Read More   


May 20, 2016Published by

Your Company is Under AttackYour company’s networks are being probed, prodded and attacked countless times every day. Unless you’re watching your logs, you’re likely unaware all this activity is taking place. Awareness, being a critical element of an effective defense, is important to cultivate and nurture.The Science Behind the “Pen Test”How do you gain insight […]

  Read More   


April 4, 2016Published by

The healthcare industry has become the focus of intentional, targeted attacks. The healthcare data security threat landscape, once characterized by insider carelessness and petty theft, has turned much darker. Healthcare IT professionals have found it difficult to keep up with the broadening attack vectors. It’s no surprise, given the depth and breadth of the typical […]

  Read More   


February 26, 2016Published by


Taking care to not disclose patient information is critical to the success of any healthcare organization. In this post and accompanying video clip, I discuss the security issues I commonly run across in the healthcare setting, as well as actionable tips for preventing their occurrence.

  Read More   


November 18, 2015Published by


Moving infrastructure and applications to the cloud enables a whole new level of connectedness for your organization and customers. Its accessibility and on-demand scalability make it an ideal platform for many evolving businesses. But, because it changes much of what we know about the traditional IT environment, there are some very real risks involved—even if hosting with a major service provider. Learn more about balancing the risk and reward of going to the cloud.

  Read More   


October 23, 2015Published by

Phishing remains a top organizational security vulnerability because it involves the exploitation of human weakness. If you have humans at your workplace—and we all do!—then you are at risk.

  Read More   


October 27, 2014Published by

ControlScan recently released a new report detailing its latest research findings on mobile technology adoption among SMBs. The report, Mobile at the Point of Sale: How SMBs are Adopting Mobile Devices to Accept Card-Present Payments, is based on input from more than 6,000 US-based SMBs responding to the company’s 2014 Mobile Payment Acceptance Survey.

  Read More