government institutions Archives

Ransomware Hackers Target Medical Billing Companies

Feb 9, 2021 | Administrative Safeguards, Cloud Security, Live Compliance, Medical Billing Software Blog, Partner

Ransomware hackers target medical billing companies, and it CAN AFFECT your entire company! (Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid.)

Often out of one’s control, ransomware hackers target medical billing companies because of the tremendous value of the data. BUT, there are steps that CAN BE TAKEN to protect you, your company, and your patients and/or clients.

NetWalker Ransomware, for example, gained notoriety for targeting hospitals and healthcare providers with e-mails claiming to provide information about COVID-19. (The e-mail usually has an attachment that downloads the ransomware from a remote server when clicked on.) The thing is, this is very lucrative for identity thieves since medical records information sells anywhere from $1-$1000!

As the number of healthcare providers taking advantage of Telehealth continues to increase—now outnumbering in-person visits—the number of ransomware attacks continues to increase as well. This means Billers and Providers must be aware of the programs that are used on their machines and ensure necessary steps are taken to safeguard against hackers and attacks.

How can you protect yourself and/or your organization?

Carefully monitoring where you store and enter your passwords can be extremely beneficial to help minimize the risk of a hack and keeping personal or patient information protected.
Routine password changes and monitoring where you store and enter your passwords can be extremely beneficial to help reduce the risk of becoming a victim to a hacker. Passwords should be long, unique in characters, capitalization, and alphanumerical.
Have you had an accurate and thorough Security Risk Assessment and/or penetration testing? If you haven’t completed an accurate and thorough security risk assessment, you could also be penalized under ‘willful neglect’ (this category alone is $50,000 per violation!) in addition to the higher risk of ransomware attacks.
If you believe you might have revealed sensitive information about your organization, report it to the appropriate people within the organization, including network administrators. They can be alert for any suspicious or unusual activity.
The strength of your passwords directly impacts your online security.

Live Compliance can help. They aggregate breaches which enables you to assess where personal data has been exposed. Dark Web scanning is built right into their Portal, and it allows you to keep an eye on employees whose information was involved in a breach, where the breach took place, and then suggest the next steps to take.

At Live Compliance, they make checking off your compliance requirements extremely simple and to ensure this doesn’t happen to you or your organization:

Reliable and effective compliance
Completely online, our role-based courses make training easy for remote or in-office employees
Contact-free, accurate Security Risk Assessments are conducted remotely. All devices are thoroughly analyzed regardless of location. (Conducting an accurate and thorough Security Risk Assessment is not only required but is a useful tool to expose potential vulnerabilities, including those such as password protection.)
Policies and procedures curated to fit your organization ensuring employees are updated on all workstation use and security safeguards in the office, or out of the office—all updated in real-time
Electronic, prepared document sending and signing to employees and business associates

So, don’t risk your company’s future on ransomware hackers. Contact one of EZClaim’s partners, Live Compliance, especially since they are offering a FREE Organization Assessment to help determine your company’s status. E-mail them, visit their website at LiveCompliance.com, or call them at 980.999.1585.

For more information about EZClaim’s medical billing software, which provides a best-in-class product with correspondingly exceptional service and support, e-mail, visit their website, or contact them at 877.650.0904.

[ Article contributed by Jim Johnson of Live Compliance ]

Ransomware Targeting Medical Billing Companies

May 12, 2020 | Live Compliance

Ransomware Targeting Medical Billing Companies

As the number of healthcare providers taking advantage of Telehealth increases during this uncertain time, the number of ransomware attacks continues to increase as well.

Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid. Microsoft says, “Multiple ransomware groups that have been accumulating access and maintaining persistence on target networks for several months activated dozens of ransomware deployments in the first two weeks of April 2020.”

The attacks are targeted towards aid organizations, medical billing companies, manufacturing, transport, government institutions, and educational software providers, however, Microsoft says that it doesn’t stop with critical service groups and suggests all networks are aware of these attacks and taking necessary steps to limit risk. NetWalker ransomware, for example, gained notoriety for targeting hospitals and healthcare providers with e-mails claiming to provide information about COVID-19.

Have you had an Accurate and Thorough Security Risk Assessment and/or penetration testing?

If you haven’t completed an accurate and thorough security risk assessment, you could also be penalized under ‘willful neglect’ (this category alone is $50,000 per violation!) in addition to the higher risk of ransomware attacks. What we do is keep this from ever being a worry for you! We perform your security risk assessment and manage all of your requirements, in a clean, organized cloud-based portal.

Don’t risk your company’s future, especially when we are offering a FREE Organization Assessment to help determine your company’s status.

It’s easy! Call us at (980) 999-1585, or email me, Jim Johnson at jim@LiveCompliance.com or visit
www.LiveCompliance.com

Live Compliance has partnered with EZClaim medical billing software to strengthen what they can provide for you. It provides all of your HIPAA Privacy, Security Requirements, and Measures. HIPAA compliance is a requirement for Covered Entities and Business Associates to safeguard personal, private, and protected health information—allowing organizations to relinquish the struggle of compliance requirements.

You can investigate the EZClaim medical billing software by either downloading a FREE DEMO or just contact our knowledgeable sales staff to answer any and all of your questions by phone at (877) 650-0904 or by e-mail at support@ezclaim.com.

[ Contributed by Jim Johnson of Live Compliance ]

Cookie	Duration	Description
CONSENT	2 years	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.
hubspotutk	5 months 27 days	HubSpot sets this cookie to keep track of the visitors to the website. This cookie is passed to HubSpot on form submission and used when deduplicating contacts.
messagesUtk	5 months 27 days	HubSpot sets this cookie to recognize visitors who chat via the chatflows tool.
utm_campaign	past	Google Ad Services sets this cookie to store session campaign value if present.
utm_content	past	This cookie is used for storing the session content value if present.
utm_source	past	This cookie is used to record from where the visitor came to the website orginally. This information is used by the website operator to know the efficiency of their marketing.
utm_term	past	This cookie is used to record from where the visitor came to the website orginally. This information is used by the website operator to know the efficiency of their marketing.
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gat_gtag_UA_3010814_1	1 minute	Set by Google to distinguish users.
_gcl_au	3 months	Provided by Google Tag Manager to experiment advertisement efficiency of websites using their services.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
__hssc	30 minutes	HubSpot sets this cookie to keep track of sessions and to determine if HubSpot should increment the session number and timestamps in the __hstc cookie.
__hssrc	session	This cookie is set by Hubspot whenever it changes the session cookie. The __hssrc cookie set to 1 indicates that the user has restarted the browser, and if the cookie does not exist, it is assumed to be a new session.
__hstc	5 months 27 days	This is the main cookie set by Hubspot, for tracking visitors. It contains the domain, initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session).

Cookie	Duration	Description
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
utm_medium	past	This cookie is used to record from where the visitor came to the website orginally. This information is used by the website operator to know the efficiency of their marketing.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt.innertube::nextId	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.
_fbp	3 months	This cookie is set by Facebook to display advertisements when either on Facebook or on a digital platform powered by Facebook advertising, after visiting the website.

Cookie	Duration	Description
ApplicationGatewayAffinityCORS	session	No description available.
email	past	No description available.
gclid	past	No description
handl_ip	1 month	No description available.
handl_landing_page	1 month	No description available.
handl_original_ref	past	No description available.
handl_ref	past	No description available.
handl_url	1 month	No description available.
username	past	No description available.

Ransomware Hackers Target Medical Billing Companies

Recent Posts

Categories

Archives

Recent Posts

Categories

Archives

PAGES

RECENT POSTS

Key Strategies for Enhancing Patient Collections in Medical Billing

HARNESSING THE POWER OF AI FOR YOUR MEDICAL BILLING SERVICE: A Crawl, Walk, Run Approach to Implementing AI

BillFlash Partner Blog: 5 Payment Processing Trends You Need to Know

How Today’s Cloud-Based Medical Billing Software is Minimizing Claim Rejections

CONTACT US

877.650.0904

LINK TO EZVIEW

SEARCH OUR SITE

FOLLOW US

HIPAA COMPLIANCE