Photo by The Ear Depot on Unsplash

What are Gerry and Steve talking about this week?

The Office of Civil Rights (OCR) asked for input on their proposal for improving patient access to PHI and the AMA responded with 29 pages of well-crafted sense. Will OCR listen? A red teamer provides some lessons learned after 6 years of penetration testing engagements. The top three findings are just #sad. Finally, a massive data breach at U Washington Medicine due to a “mis-configured database”.

As always they end with One Cool Thing.

Show Notes

Resources:

InfoSec ICU is a finalist for Best Local Podcast in Charleston.

Vote here -> http://chscp.co/BestOfArts

AMA feedback to OCR about improving patient access to PHI

https://searchlf.ama-assn.org/undefined/documentDownload?uri=/unstructured/binary/letter/LETTERS/2019-2-8-Letter-to-Severino-re-HIPAA-RFI-Response.pdf

Red Team findings from 6 years of tests

https://www.cbronline.com/opinion/red-teaming-lessons

University of Washington Medicine breach notification

https://www.scmagazine.com/home/security-news/data-breach/misconfigured-database-exposes-974000-university-of-washington-medicine-patients/

What Google indexes > https://support.google.com/webmasters/answer/35287?hl=en

One Cool Things

YouTube Kids (totally not cool)

https://www.cbsnews.com/news/youtube-kids-inappropriate-horrified-mom-discovers-suicide-instructions-in-video-on-youtube-and-youtube-kids/

The Tyrconnell

https://www.thetyrconnellwhiskey.com/

Contact

Email infosecicu@musc.edu

Twitter: