For years, government guidelines have forced us to have a long password that was very complex that you have to change every year.  As of today, the current NIST (National Institute of Standards and Technology) guidelines follow this methodology.  But this could soon change.

The Office for Civil Rights (OCR) states that “When electronic protected health information (ePHI) is encrypted as the result of a ransomware attack, a breach has occurred because the ePHI encrypted by the ransomware was acquired (i.e., unauthorized individuals have taken possession or control of the information), and thus is a “disclosure” not permitted under the HIPAA Privacy Rule,”.  Bad guys having control over your data and blackmailing you to retrieve the decryption keys qualifies as a breach.

As a reminder to those of you that fall under some kind of government compliance requirements, F1 Solutions can help you through the risk assessment and remediation process.  F1 is a leader in the Huntsville and North Al area and has the Information Technology security expertise that is essential to the regulatory compliance process.

Many of our clients fall under some type of government regulations due to the sensitivity or the data that they store, process or transmit.  Because F1 Solutions has unique access to client networks and manages clients in the Healthcare, Financial, Government Contracting, Infrastructure, and Retail industries, we decided years ago to strengthen our own data protections to better support you.