HIPAA

IMPORTANT..SECURITY ALERT...EVERYONE PLEASE READ!!!

  • 1.  IMPORTANT..SECURITY ALERT...EVERYONE PLEASE READ!!!

    Posted 07-07-2020 08:58 AM
    It is often suggested to use CAPS only sparingly and only when significant emphasis is needed.  Sometimes you hear people write that using CAPS is like yelling.  Well today is a time to use ALL CAPS in the subject line.

    Security is an important topic, on that I think most people would agree.  For some reason, when going to HCCAnet, I see that our CHC eGroup colleague Mia's user account was wide open.  This means that potentially anyone could go into her account and do whatever they wanted.  To prove this, notice I added a new 1st line to her discussion signature ("Mia...please make sure to remove this line.") and I copied and pasted her notification settings.  Nothing confidential of course...but I know there are some that may question what I am describing so this may help prove what I am describing is true.  I also posted this SECURITY alert on the CHC eGroup using Mia's account.

    Here's the rub...NONE OF YOU...including myself know if your account on HCCAnet may also be like Mia's and essentially open to anyone who logs into HCCAnet.

    I am going to alert HCCAnet and Mia right away.  I am also going to review my account info and remove any info that I would not want someone who has accessed my account to use or know.  For me, that's not much...but I think I will just the same to remind myself of what happened and how it may happen to others.

    Thank you for your attention to this important, in my view, posting.  I'm going to call Mia right now and alert her of this issue.

    Note the info below...nothing confidential...but info that is only viewable from the user's account after they have logged in.


    ------------------------------
    -------------Frank "Snake Bite Leader" Ruelas--------------
    ► We don't fail unless we quit! ◄
    Bill Wong's Resource Folder: https://bit.ly/BillWong
    NEXT UP:
    A&M Session: https://www.surveymonkey.com/r/5NLQCMG

    ░ Pass the Exam Group for 2020 ░
    Melissa Singleton - Jan - CHPC
    Julie Clutter - Jan - CHPC
    Tanisha Grant - Feb - CHC
    Lisa Bibby - Jan - CHPC
    Kelly Puida - Mar - CHPC
    Christina Serrano - Mar - CHC
    Rachel Anderson - May - CHC
    Melissa Alexander - June - CHC
    Theresa Veazey - June - CHC
    Barbara Zubeck - June - CHPC
    Patricia Radatz - June - CHC
    ------------------------------
    19th Annual CEI Virtual Conference


  • 2.  RE: IMPORTANT..SECURITY ALERT...EVERYONE PLEASE READ!!!

    Posted 07-07-2020 10:26 AM

    Frank, other than the ability to change your password, I don't see any other security parameters around our user profiles in HCCA.

    A password I used to use on this site was recently found by our network admin vendor on the dark web...now I'm wondering if this is where it was compromised?

     

    Best Regards,

    Scot Lovejoy   

    Scot Lovejoy RPh. CHC CHPC

    Chief Pharmacy Officer

    Compliance Officer

    Agadia_itself (625x184) (625x184) (100x29)

    9 Campus Drive, Suite 200

    Parisippany, N.J. 07054

    (O) 973-540-8400  x227

    (C) 973-570-3803

    (F) 973-540-8440

     

    Confidentiality Notice:  This e-mail is intended only for the person(s) to whom it is addressed and may contain information that is confidential, proprietary, privileged or otherwise protected from disclosure.  If you are not an intended recipient, please (i) do not read, copy or use this communication, or disclose it to others, (ii) notify the sender immediately by replying to the message, and (iii) delete the e-mail from your system.  Thank you.

    No copyright infringement intended.

     

     




    19th Annual CEI Virtual Conference


  • 3.  RE: IMPORTANT..SECURITY ALERT...EVERYONE PLEASE READ!!!

    Posted 07-07-2020 10:35 AM
    Scot...thanks for sharing.  This is precisely some of the feedback/comments/etc I am hoping my sharing of this issue with Mia's account may spark some online discussion.

    It may not apply here...but one possibility for people, related to Scot's post, is that people have a tendency to use the same password for different accounts or log ins.  Not saying this applies to Scot...just something to think about as you consider how this latest incident with Mia's account may have different implications.

    ------------------------------
    -------------Frank "Snake Bite Leader" Ruelas--------------
    ► We don't fail unless we quit! ◄
    Bill Wong's Resource Folder: https://bit.ly/BillWong
    NEXT UP:
    A&M Session: https://www.surveymonkey.com/r/5NLQCMG

    ░ Pass the Exam Group for 2020 ░
    Melissa Singleton - Jan - CHPC
    Julie Clutter - Jan - CHPC
    Tanisha Grant - Feb - CHC
    Lisa Bibby - Jan - CHPC
    Kelly Puida - Mar - CHPC
    Christina Serrano - Mar - CHC
    Rachel Anderson - May - CHC
    Melissa Alexander - June - CHC
    Theresa Veazey - June - CHC
    Barbara Zubeck - June - CHPC
    Patricia Radatz - June - CHC
    ------------------------------

    19th Annual CEI Virtual Conference


  • 4.  RE: IMPORTANT..SECURITY ALERT...EVERYONE PLEASE READ!!!

    Posted 07-07-2020 11:20 AM

    Frank,

                    What do you mean her account was "wide open" and how could you tell this? 

     

    Malinda Turner


    The information contained in this email is intended only for the use of the person(s) identified above. This communication may contain work product which is privileged and confidential, and may contain content which is regulated by Federal law. If you are not an intended recipient or the employee or agent responsible to deliver this to the intended recipient, you have received this message in error and any review, distribution or copying of it by you is prohibited. If you have received this message in error, please notify the sender immediately, and delete the message. E-mail and communication system messages generated by members of the Grant Memorial Hospital workforce may not necessarily reflect the views of Grant Memorial Hospital, its officers, or directors or management.




    19th Annual CEI Virtual Conference