Skip all navigation and go to page content
NN/LM Home About PSR | Contact PSR | Feedback |Site Map | Help | Bookmark and Share

Archive for the ‘Security Issues’ Category

NN/LM Ending Support for Internet Explorer 8

Due to recent software updates on nnlm.gov, Internet Explorer 8 is no longer supported. Some read-only sections of nnlm.gov will continue to be available via IE8. However, anyone using IE8 will probably not be able to submit assignments in online courses utilizing the NN/LM Moodle framework, and may not even be able to access and log into Moodle courses. Other nnlm.gov services that require data to be posted to the server are also likely to fail. In addition, DOCLINE will not support IE8 after the end of 2014. Please visit the NN/LM System Requirements page to see a complete list of supported browsers. For best usability, NLM recommends that libraries should begin talking to their local IT departments about upgrading their browsers to at least Internet Explorer 10.

Starting January 12, 2016, Microsoft will drop support, including security updates, for older Internet Explorer browser versions. Only the most recent version of IE for a supported operating system will receive technical support and security updates. Microsoft’s Stay up-to-date with Internet Explorer blog page provides a good explanation of why IE users should upgrade to the most current version.

HHS Launches Second Video Game on Disaster Planning!

The Office of the National Coordinator for Health Information Technology’s (ONC) Office of the Chief Privacy Officer (OCPO) has released its second web-based security training module, CyberSecure: Your Medical Practice. This latest game focuses on disaster planning, data backup and recovery, and other elements of contingency planning. Contingency planning helps providers and staff prepare for power outages, floods, fires, or weather related events such as hurricanes or tornadoes. These events can damage patient health information or make it unavailable. Planning for these events can help ensure that patient health information is protected and that patient information can be accessed when the disaster is over. This training module uses a game format that requires users to respond to privacy and security challenges often faced in a typical small medical practice. Users choosing the right response earn points and see their virtual medical practices flourish. But users making the wrong security decisions can hurt their virtual practices.

October is National Cyber Security Awareness Month, and is an opportunity for ONC to remind providers about the need to create contingency plans to assure a safe and secure cyber environment. Contingency Planning is also required by the HIPAA Security Rule.

Privacy and Security Mobile Device Good Practices Project Launched

The Office of the National Coordinator for Health Information Technology (ONC), Office of the Chief Privacy Officer (OCPO), recently launched a Privacy & Security Mobile Device project, in conjunction with the HHS Office for Civil Rights (OCR). The project goal is to develop an effective and practical way to bring awareness and understanding to those in the clinical sector to help them better secure and protect health information while using mobile devices (e.g., laptops, tablets, and smartphones). Building on the existing HHS HIPAA Security Rule – Remote Use Guidance, the project is designed to identify privacy and security good practices for mobile devices. Identified good practices and use cases will be communicated in plain, practical, and easy to understand language for health care providers, professionals, and other entities.

HHS will be looking for input. There will be a public roundtable event in Spring 2012. Information about other HHS mHealth activities is available on the mHealth Initiative web site.

NLM Issues Warning about Employment Scam

The National Library of Medicine (NLM) wants to warn you about an Internet scam that uses the NLM name. The fraud involves scammers claiming to represent the NLM. They are promising employment with MedlinePlus if victims send money to them. The scammers say that the money will be used to purchase software and computer equipment to use in the position. NLM does not require prospective employees to make purchases for any reason. Do not send money to these individuals. NLM job listings are located online at: http://www.nlm.nih.gov/about/jobs/jobs.html and http://www.usajobs.gov/.

If you see a posting online offering work on MedlinePlus, please contact the Internet Crime Complaint Center and file a complaint with the proper government authorities.

Are Hospitals Starting to Relax IT Restrictions?

Alison Aldrich, Technology Coordinator for the NN/LM Pacific Northwest Region, wrote an interesting blog post called, “(Fire)Wallflowers Invited to Dance?” She presents some evidence that firewall rules against Web 2.0 tools (such as blogs, wikis, etc.) are beginning to relax a bit at hospital libraries. Her blog post is available at: http://nnlm.gov/pnr/dragonfly/2009/01/27/firewallflowers/

Well worth reading! Note also the comment below the blog post.