News & Announcements – Aegify

U.S., Canada Issue Ransomware Alert

Chandra Bilugu — Wed, 06 Apr 2016 15:46:22 +0000

With a new ransomware incidents popping up almost on a daily basis, the U.S. Department of Homeland Security (DHS), in collaboration with Canadian Cyber Incident Response Centre (CCIRC), have issued an official ransomware alert.

While the alert intended to educate the general population to the threat and how to combat becoming a victim it also recommends to not pay the ransom.

“Paying the ransom does not guarantee the encrypted files will be released; it only guarantees that the malicious actors receive the victim’s money, and in some cases, their banking information. In addition, decrypting files does not mean the malware infection itself has been removed,” the statement said.

The statement gives a primer on ransomware running through the types currently being favored – such as Locky and Samas – that it is spread primarily through phishing scams and what can happen to a computer’s files if infected.

The post U.S., Canada Issue Ransomware Alert appeared first on Aegify.

HIPAA Audit: OCR Is On The Move

Chandra Bilugu — Tue, 29 Mar 2016 20:26:33 +0000

Last week, the HHS Office for Civil Rights (OCR) announced the launch of phase 2 of the HIPAA Audit Program. OCR’s goal is to proactively uncover and address risks and vulnerabilities to protected health information (PHI). Effective immediately, OCR will ensure Covered Entities (CEs), their Business Associates (BAs) and vendors have comprehensive risk management frameworks in place.

CEs and BAs are required by law to implement the HIPAA security program and meet selected standards and implementation specifications of the Privacy, Security, and Breach Notification Rules.

Friends, this is serious business. Earlier this month, North Memorial Health Care of Minnesota settled potential HIPAA violations with OCR for $1.55 million. Click to read OCR’s 3/16/16 press release.

Can you withstand a fine or settlement of this amount?

CEs and their business associates are protected with Aegify RSC Suite, or alternatively through a combination of Aegify Risk Manager, Aegify Security Manager, Aegify Compliance Manager and Aegify BA-Vendor Manager. It’s easy to get started. Contact sales@aegify.com.

Click to read OCR’s 3/21/16 press release.

Thank you,

The Aegify Team

The post HIPAA Audit: OCR Is On The Move appeared first on Aegify.

Avoiding Future Ransomware Attacks (Malware) Targeting Healthcare Providers

Chandra Bilugu — Fri, 04 Mar 2016 16:18:03 +0000

The “Ransomware” attack (Malware) described below definitely highlights the key value that the Aegify solutions suite offers to any scale of enterprises. The appropriate use of our security scanning and remediation solution would definitely have significantly mitigated the probability of such an attack from occurring as the organization would have stayed on top of any software patches in their web applications. As such, Aegify is a great fit for your organization, since such tasks are burdensome and resource intensive allowing such vulnerabilities to be exploited if not addressed in a timely fashion.

The attack was described as “…used vulnerability in web application that requires patching (updating software versions).” Which implied that the institution breached was not keeping their computing and web systems patched in a timely manner. Aegify’s regular/continuous scanning process would have uncovered this lapse and allowed the organization an opportunity to correct the vulnerability prior to such an attack. The compliance and risk assessment components of the Aegify solution suite would have worked to further educate the management and staff as to the importance of effective monitoring program and its’ elements.

Aegify allows you to safeguard your systems, network, and computing environments in the most efficient way. In fact this type of an attack highlights one of the key benefits that we bring to enterprises. It enables you to regularly monitor and track the enterprise’s Risk, Security and Compliance elements and factors that are key in any successful security protection program.

Thank you
Aegify Team

Avoiding Future Ransomware (Malware) Attacks Targeting Healthcare Providers

The recent malware attack on a healthcare provider in California has significant implications. The delivery approach was not through a phishing email or malware infecting a personal device. Instead, the attackers opportunistically used vulnerability in web applications that requires patching (updating software versions). The attack methodology has impacted companies outside of healthcare and the sophistication of the attack is relatively high.

Information for Your IT Department

Aetna Global Security is sharing the attached document from Dell SecureWorks Counter Threat Unit(TM) (CTU) and the National Health Information Sharing & Analysis Center (NH-ISAC). Please forward this document to your IT department and encourage them to review your web applications and upgrade outdated Jboss applications (upgrade to 7.0) to avoid future attacks of ransomware on hospitals.

Aetna is the brand name used for products and services provided by one or more of the Aetna group of subsidiary companies, including Aetna Life Insurance Company and its affiliates (Aetna).

Help/Contact us:
If you have any questions, please Contact Us.

We are located at 151 Farmington Ave, Hartford, Connecticut 06156.
©2016 Aetna Inc. The Aetna name and logo are trademarks of Aetna Inc.

Privacy Information | Legal Statement | Program Provisions | Member Disclosure | Aetna Companies: State Directory

Jonathan Houck

Network Manager
houckj@aetna.com

Office: 417-837-0225

Fax: 860-907-2191

Aetna OfficeLink Updates are electronic. Sign up at: https://aetna.providerpreference.com

The post Avoiding Future Ransomware Attacks (Malware) Targeting Healthcare Providers appeared first on Aegify.

Aegify And Maize Analytics Partner to offer Live Privacy and Security Management

Chandra Bilugu — Fri, 29 Jan 2016 20:59:24 +0000

Aegify, a leading provider of risk security and compliance management solutions announced today that it has partnered with Maize Analytics to provide their leading edge privacy and access monitoring solution along with

Aegify’s suite of risk, security and compliance products to address next generation compliance challenges. Privacy advocates around the world lack a proper automated privacy auditing solution. Common practices

include manual and rules-based solutions that result in wasted effort and high false positive rates, making it impossible for providers to practice proactive auditing. Maize Analytics provides the only system that allows

users proactively audit with minimal oversight and training. Aegify provides a cloud-based, comprehensive, unified, enterprise platform for continuous risk, security and

compliance monitoring and resolution. The Aegify solution delivers risk, security and compliance management with an intuitive dashboard and advanced analytics. Using a Diagnose, Cure and Protect framework driven by

an expert systems based technology, customers get a clear path to diagnosing risk, security and compliance gaps, curing them through wizard based remediation guidance, and continuous monitoring to ensure business

continuity and protection. The company has won numerous awards and accolades from analysts for product innovation.

As part of the partnership, Aegify with Maize Analytics will help Healthcare Providers address institutional challenges in the changing privacy environment. Maize Analytics’ innovative Explanation-Based Auditing

System (EBAS) is an Electronic Medical Record (EMR) access-monitoring tool that allows hospitals to monitor and audit for internal data breach threats. The solution integrates with any EMR and has been successfully

deployed in Epic, Cerner and other leading EMR implementations. The tool combines rules and clinical context to dramatically increase internal fraud detection.

“The Explanation-Based Auditing System can automatically audit 95% of EMR accesses, drastically reducing the workload for privacy officers and reducing risk for healthcare organizations.” said, Dr. Daniel Fabbri,

Founder and CEO of Maize Analytics. Anupam Sahai, Co-founder and CEO at Aegify Inc., “We are excited to partner with Maize to combine our market leading risk, security and compliance management solution offering with Maize’s privacy auditing

solution to offer an even more robust continuous risk, security and compliance monitoring solution. Maize’s EBAS is a disruptive force in the Healthcare privacy space that will forever change how we do privacy audits.

The combined solution addresses a huge problem that remains unsolved today. We foresee that hospitals, health systems and Health Information Exchanges will have a strong need for Aegify’s-Maize’s technology to ensure

privacy and security.”

The solution is available immediately. To learn more about Aegify, visit http://www.aegify.com or call 408 689 2586, email info@aegify.com. To learn more about Maize Analytics, visit http://www.maizeanalytics.com

About Aegify:

Aegify Inc. (http://www.aegify.com) is a world-leading provider of Cloud-based software-as-a-service (SaaS) solutions for business security monitoring, risk and compliance management. The company’s flagship product

Aegify is the world’s first software only solution that disrupts the way businesses manage security, compliance and risk using an easy-to-use, cost-effective, subscription-based, SaaS solution. Headquartered in Cupertino,

California, Aegify has offices in the United States and India. Earlier this year, the company introduced Aegify BA-Vendor Manager, solving a significant HIPAA compliance challenge faced by all U.S. covered entities for

their business associates and vendors. The company has received numerous industry awards and accolades. Aegify was nominated to the 2016 CyberSecurity 500 list of hottest Cybersecurity companies to watch. It

received the highest possible, five-star rating, based on features, performance, documentation, support, and overall rating from SC Magazine, June 2014.

About Maize Analytics:

Maize Analytics (http://www.maizeanalytics.com), based in Nashville, TN, provides EMR access log monitoring tools for improved data privacy and security. The patented and peer reviewed Explanation-Based

Auditing System leverages machine learning to understand why accesses occur to patient data. In contrast to standard anomaly detection systems, Maize can filter away 95% of false positives, allowing privacy officers to

focus on suspicious behavior. Maize’s technology was recognized as a top 20 most promising healthcare compliance solution providers by Healthcare Tech Outlook for 2015.

The post Aegify And Maize Analytics Partner to offer Live Privacy and Security Management appeared first on Aegify.

$3.5 million fine levied against Triple-S Management Corporation for HIPAA violations

Chandra Bilugu — Fri, 04 Dec 2015 15:36:37 +0000

It’s happened again.

On Dec 1, 2015, a $3.5 million fine was levied against Triple-S Management Corporation, formerly known as American Health Medicare Inc., for HIPAA violations. OCR’s investigations indicated widespread non-compliance throughout the various subsidiaries of Triple-S, including:

Failure to implement appropriate administrative, physical, and technical safeguards to protect the privacy of its beneficiaries’ PHI;
Impermissible disclosure of its beneficiaries’ PHI to an outside vendor with which it did not have an appropriate business associate agreement;
Use or Disclosure of more PHI than was necessary to carry out mailings;
Failure to conduct an accurate and thorough risk analysis that incorporates all IT equipment, applications, and data systems utilizing ePHI; and
Failure to implement security measures sufficient to reduce the risks and vulnerabilities to its ePHI to a reasonable and appropriate level.

Here is the latest information on U.S. Department of Health & Human Services’ website: http://1.usa.gov/1XDjyVY.

Are you at risk? If you’re a healthcare provider or a business associate/vendor, you are. Protect your organization against HIPAA and other compliance risks with Aegify Compliance Manager, part of Aegify RSC Suite.

Aegify RSC Suite, conceptualized and designed in Cupertino, CA, provides bulletproof risk, security and compliance protection for healthcare, financial and retail companies throughout the USA. Discover just how affordable peace of mind is at Aegify.com or by emailing sales@aegify.com.

The post $3.5 million fine levied against Triple-S Management Corporation for HIPAA violations appeared first on Aegify.

Aegify solution selected to protect against cyber threats and HIPAA breaches

Chandra Bilugu — Fri, 23 Oct 2015 14:48:17 +0000

CUPERTINO, California USA, October 23, 2015 (Edited February 18, 2016, Novation is now Vizient) – Aegify, a leading provider of risk security and compliance management solutions announced that it has become a Vizient Innovative Technology awarded supplier in the IT Risk, Security Monitoring and Compliance Management category. The award came through Vizient’s Innovative Technology program. The Vizient Innovative Technology program works with members to add innovative solutions to its portfolio that improve clinical outcomes, ensure patient and health care provider safety or enhance organizations’ operational efficiencies.

This agreement positions Aegify as an awarded supplier serving the IT risk, security monitoring and compliance management contracting needs of more than 100,000 VHA, UHC and Provista members. These relationships represent access to more health care providers than any other group purchasing organization.

Aegify provides a cloud-based, comprehensive, unified, enterprise platform for continuous risk, security and compliance monitoring and resolution. The Aegify solution delivers risk, security and compliance management with an intuitive dashboard and advanced analytics. This gives customers a clear path to assessing gaps, remediating vulnerabilities, and continuous monitoring to ensure business continuity and protection. The company has won numerous awards and accolades from analysts for product innovation.

“We are excited to have been selected by the council of members as an Innovative Technology awarded supplier” said Tom Leahy, Aegify’s Executive VP of Sales and Business Development.

About Aegify

Aegify Inc. is a world-leading provider of Cloud-based software-as-a-service (SaaS) solutions for business security monitoring, risk and compliance management. The company’s flagship product Aegify is the world’s first software only solution that disrupts the way businesses manage security, compliance and risk using an easy-to-use, cost-effective, subscription-based, SaaS solution. Headquartered in Cupertino, California, Aegify has offices in the United States and India. Earlier this year, the company introduced Aegify BA-Vendor Manager, solving a significant HIPAA compliance challenge faced by all U.S. covered entities for their business associates and vendors. The company has received numerous industry awards and accolades. Aegify was nominated to the 2015 CyberSecurity 500 list of hottest Cyber security companies to watch. It received the highest possible, five-star rating, based on features, performance, documentation, support, and overall rating from SC Magazine, June 2014.

The post Aegify solution selected to protect against cyber threats and HIPAA breaches appeared first on Aegify.

Aegify and PolicyMedical Announce New BA Manager Solution to streamline and improve Business Associate and Vendor compliance management

Chandra Bilugu — Tue, 19 May 2015 18:20:47 +0000

Aegify Inc. A world-leading provider of Cloud-based software-as-a-service (SaaS) solutions for business security monitoring, risk and compliance management, announced today the release of a new solution to help healthcare organizations manage their network of Business Associates and Vendors through a partnership with PolicyMedical Inc.
Cupertino, CA (PRWEB) May 19, 2015 Aegify Inc., a world-leading provider of Cloud-based software-as-a-service (SaaS) solutions for business security monitoring, risk and compliance management, announced today the release of a new solution to help healthcare organizations manage their network of Business Associates and Vendors through a partnership with PolicyMedical Inc. Aegify has been deployed from small businesses to large enterprises and has won multiple awards for technology and business innovations.
PolicyMedical delivers policy procedure and guideline management solutions for the healthcare industry. With increasing regulatory requirements and increased pressure to prevent security attacks, healthcare providers are understandably challenged to establish optimal frameworks to address these growing demands. The final Omnibus Health Insurance Portability and Accountability Act (HIPAA) rule includes new provisions that, if breached, could result in significant fines and penalties for healthcare providers and their business associates.
The partnership will allow Aegify to further extend its Security, Risk and Compliance solution by offering Aegify‘s BA manager solution, which provides a comprehensive solution to easily manage all of their Business Associate‘s/Vendor‘s Security, Risk and Compliance status, including managing Business Associate Agreements. Future plans include the incorporation of Aegify‘s extensive database of HIPPA policies and integration to the PolicyMedical Contract Manager solution.
“New regulations put greater burden on healthcare providers to make sure their Business Associates are following HIPAA guidelines for security and compliance” said Saud Juman, President and CEO of PolicyMedical. “This value add offering will help assure that our customers can more effectively manage this requirement“
“More and more pressure is being applied to healthcare organizations to meet and maintain HIPAA and Meaningful Use requirements and to protect healthcare data. Using Aegify BA Management tool, organizations can ensure HIPAA compliance for the entire organization and drive compliance certification of BA‘s/Vendors as well. We are very excited to partner with PolicyMedical‘s common stakeholders to assist in executing and implementing these processes,” said Anupam Sahai, CEO and Co-Founder of Aegify.
The companies plan to introduce the offering at an upcoming webinar scheduled for June 4, 2015. For more information about the webinar, email sales@aegify.com or call +1(408) 689-2586.

About PolicyMedical

PolicyMedical, based in Richmond Hill, Ontario, produces document management solutions for healthcare providers. PolicyMedical takes an active role in shaping the field of governance, risk management, and compliance, through its advanced solutions in document management.

Its flagship software, PolicyManager, offers a policy management solution for healthcare. It has been supporting the policy & procedure management, risk & compliance, and accreditation efforts of healthcare providers for over a decade. Currently, over 1500 healthcare facilities are using PolicyMedical‘s web-based solution to handle their policy management.

About Aegify Inc

Aegify Inc. is a world-leading provider of Cloud-based software-as-a-service (SaaS) solutions for business security monitoring, risk and compliance management. The company’s flagship product Aegify is the world‘s-first, software only solution that disrupts the way businesses deal with security, compliance and risk management using an easy-to-use, cost-effective, subscription-based, cloud-SaaS solution. Headquartered in Santa Clara, Calif., Aegify has offices in the United States, Asia-Pacific, Middle East, and India. The company has received numerous industry awards, including the five-star highest rating based on features, performance, documentation, support, and overall rating from SC Magazine.

Media Contacts

Alex Jamieson
  Director of Media and Marketing
  policymedical.com | 647-494-9045
    Anupam Sahai, Co-Founder and CEO, Aegify Inc.
  Anupam.Sahai@Aegify.com
  1-408-219-1004

The post Aegify and PolicyMedical Announce New BA Manager Solution to streamline and improve Business Associate and Vendor compliance management appeared first on Aegify.