Apple Releases a Flurry of iOS Security Updates: Install 9.3.5 Now

Apple Releases a Flurry of iOS Security Updates: Install 9.3.5 Now

Apple has released a series of updates over the last month related to unprecedented vulnerabilities in iOS 9.  The vulnerabilities were discovered by security firm Citizen Lab assisted by Lookout Security.

You can check your iOS version at Settings > General > About > Version.  Anything less than 9.3.5 and you’ll need to install the update via Settings > General > Software Updates.  Make sure you’re connected to wifi as this update is over the size limit that Apple allows over cellular; and allow at least 30 minutes, although my devices updated in about 15.

This update patches three potential exploits creatively dubbed “the Trident”.

  • CVE-2016-4657: An exploit for WebKit, which allows execution of the initial shellcode
  • CVE-2016-4655: A Kernel Address Space Layout Randomization (KASLR) bypass exploit to find the base address of the kernel
  • CVE-2016-4656: 32 and 64 bit iOS kernel exploits that allow execution of code in the kernel, used to jailbreak the phone and allow software installation

You should make time to install this patch immediately if you’d prefer to keep your phone secure from lord knows who, and especially if you’re a political dissident.


Learn more:

Apple releases iOS 9.3.5 to fix 3 zero-day vulnerabilities [Updated] | Ars Technica

The Million Dollar Dissident: NSO Group’s iPhone Zero-Days used against a UAE Human Rights Defender – The Citizen Lab

Government Hackers Caught Using Unprecedented iPhone Spy Tool | Motherboard

IPhone Users Urged to Update Software After Security Flaws Are Found –

Exploits patched by Apple today hint at years of surreptitious government hacks | TechCrunch


DIGITAL SIGNAGE: Screenly OSE vs. Screenly Pro

DIGITAL SIGNAGE: Screenly OSE vs. Screenly Pro

Screenly is a great digital signage application with both paid and open source editions.  It runs on the inexpensive raspberry pi platform and can be setup and working very quickly.

There are benefits to the Pro(paid) version, but the Open-Source Edition(OSE) is very fully featured and can show you the capabilities of Screenly.

We have clients in many different industries using Screenly, including Healthcare, Retail and Entertainment.

Let us know if you would like more information about how digital signage can help you and your business.

Health Technology Forum: September 29th, 2015: Healthcare Apps in the Cloud – A Realistic View

Health Technology Forum: September 29th, 2015: Healthcare Apps in the Cloud – A Realistic View

Thanks to our Food and Venue Sponsor:

16633 Dallas Parkway, Suite 110, Addison, TX
6:00 PM to 8:30 PM


Healthcare Apps in the Cloud – A Realistic View

Our speakers will focus on the advantages and disadvantages of Cloud platforms as well as current innovations in Cloud architectures. How adequate is Cloud for health and wellness applications?

Casey Watson – Sr. Program Manager – Microsoft

Casey Watson is a Senior Program Manager at Microsoft dedicated to helping ISVs better leverage cloud technologies. For the last decade, Casey has worked with dozens of companies of all sizes to build applications on the Microsoft .NET platform. As an active development community organizer, Casey founded and grew the North Dallas Cloud Computing Group to over 500 members and has presented at technical conferences throughout the Southwest.

Harriet Flowers – CEO – Revelation MD

Harriett Flowers is an Investor, Mentor, and Board Member for companies in the Healthcare and Technology sectors. She founded a Software-as-a-Service Healthcare Revenue Cycle Solutions company (IMaCS, later Accuro) in the 1990s, at a time when a Cloud figure in a diagram meant “we can’t explain how it gets from here to there.” As an entrepreneur she shepherded IMaCS from inception, angel investment, platform company for Welsh Carson, and finally, via merger with MedAssets.
Harriett is a Director for Transplant Connect, an organ procurement administration SaaS, for Health Resource Group, a revenue cycle services company, and for Revelation MD, a Clinical Integration platform for physician-led networks (where she is currently also serving as CEO).




6:00 – 6:30 Arrival, Networking, food and refreshments
6:30 Welcome
6:35 Healthcare Apps in the Cloud – A Realistic View
7:35 Q and A
7:45 Closing and networking

Thanks to our Food and Venue Sponsor: Improving

Are you ready for ICD-10?

Are you ready for ICD-10?

In addition to the everyday challenges you face as a healthcare provider, add another major concern to your list: the transition to ICD-10.  Effective October 1st, 2015, CMS and almost every other payer will switch over to the new coding version and billing claims submitted without the new format will be summarily rejected, delayed and otherwise returned to sender as unprocessed.  Don’t be caught unaware, start now, review your billing and coding systems and make sure you’re ready for the transition.

Take a look at the following Readiness Assessment to gauge where you stand in the process.

ICD Readiness Assessment

Software Requirements

1.    Is your EMR upgraded to the most current version?  Almost all EMR vendors have released updates and service packs that integrate the codes needed to comply with ICD-10.
2.    If you don’t bill in-house, how prepared is your third party biller?


3.    Have you visited your EMR vendor’s, your payers’, and CMS’ ICD-10 websites?
4.    Have you viewed available ICD-10 webinars?
5.    Have you reviewed the release notes for EMR vendor service packs and updates?
6.    Have you practiced mapping ICD-9 codes to ICD-10 codes within visit notes and other applicable areas within your EMR?


7.    Have you identified your practice’s most commonly used ICD-9 codes?
8.    Have you pre-mapped ICD-10 codes for your most commonly used ICD-9 codes, either manually, or by installing the applicable EMR mapping tools, if any?
9.    Have you practiced mapping codes at visit note conclusion for any codes that are not pre-mapped?


10.    Have you practiced manually creating invoices using ICD-10 codes?
11.     Have you successfully submitted a test claim to each of your payers using ICD-10 codes?  (A DOS of 10/01/2015 must be used)
12.    Have you reviewed the ICD-10 start date for all payers and adjusted it for payers that will not be transitioning on 10/1/15?

The above Assessment is just a start.  Your mileage may vary, objects are closer than they appear, etc. you get the idea.  Do your homework is the main message here.

CMS Posture towards ICD-10 Transition

CMS has promised leniency during this transition, but technically, they can deny your claims if the claim does not comply with they new standards.   Here are a few excerpts from their most recent communication:

  • For 12 months after ICD-10 implementation, Medicare review contractors will not deny physician or other practitioner claims billed under the Part B physician fee schedule through either automated medical review or complex medical record review based solely on the specificity of the ICD-10 diagnosis code as long as the physician/practitioner used a code from the right family. However, a valid ICD-10 code will be required on all claims starting on October 1, 2015.
  • For all quality reporting completed for program year 2015, Medicare clinical quality data review contractors will not subject physicians or other Eligible Professionals (EP) to the Physician Quality Reporting System (PQRS), Value Based Modifier (VBM), or Meaningful Use (MU) penalties during primary source verification or auditing related to the additional specificity of the ICD-10 diagnosis code, as long as the physician/EP used a code from the correct family of codes. Furthermore, an EP will not be subjected to a penalty if CMS experiences difficulty calculating the quality scores for PQRS, VBM, or MU due to the transition to lCD-10 codes. CMS will not deny any informal review request based on 2015 quality measures if it is found that the EP submitted the requisite number/type of measures and appropriate domains on the specified number/percentage of patients if the EP’s only error(s) is/are related to the specificity of the lCD­-10 diagnosis code (as long as the physician/EP used a code from the correct family of codes).
  • CMS will set up a communication and collaboration center for monitoring the implementation of ICD-10. This center will quickly identify and initiate resolution of issues that arise as a result of the transition to ICD-10.
  • CMS will name an ICD-10 Ombudsman to help receive and triage physician and provider issues.

Please visit for the complete guidance.  Most major payers will adopt CMS guidelines, but your payer mix should be reviewed and taken into account during this transition.  Providers should contact their top 10 payers at a minimum to determine readiness, transition guidance and leniency policies, if any.

Good luck during this transition.  Please call me if I can be of any assistance.


CyberRX for Healthcare Security

crxHITRUST, in coordination with the U.S. Department of Health and Human Services (DHHS), revealed the results of the healthcare industry’s first cyber attack simulation, CyberRX. CyberRX is a series of industry-wide exercises used to evaluate the response and threat preparedness of healthcare organizations against attacks and attempts to disrupt U.S. healthcare operations.

The unanimous findings from the exercise are:

  • Organizations that participate in cyber exercises are more prepared for a cyber attack, regardless of the maturity and comprehensiveness of their information security program.
  • Many organizations are not prepared for processing threat intelligence or are challenged with communicating and engaging other stakeholders internally and externally; this issue extends beyond IT to legal/privacy, crisis management, business/clinical operations, management and external business partners; additionally organizations vary in their appetite for and ability to process threat intelligence.
  • Organizations call for greater “freedom” to communicate and collaborate during a cyber crisis and to have a view across the healthcare ecosystem, including common vendors and partners – despite potential legal restrictions and liabilities; participants also uncertain how best to engage law enforcement.
  • Incident response coordination and collaboration capabilities are crucial and the HITRUST Cyber Threat Intelligence and Incident Coordination Center (C3) capabilities should be enhanced to better support broader and more effective collaboration.

In response to the CyberRX findings, HITRUST has established a “Health Industry Cybersecurity Roadmap” which includes:

  • Linking C3 cyber threat intelligence reports to CSF Controls, evaluate current control guidance per threat report and publishing supplemental guidance, if required
  • Enhancing and expanding the collaboration and incident response capabilities of the HITRUST C3
  • Supporting twice yearly CyberRX exercises

Click here to view the press release and read the report.

Health Technology Forum: March 11th, 2014: HTF SXSW Startup Celebration


Brought to you by HTF Austin, Dallas, and San Francisco.

Tuesday, March 11, 2014
6:00 PM to 10:00 PM

Molotov Lounge, 719 W 6th St, Austin, Texas

Health Technology Forum SXSW Startup Celebration

Please join us in Austin during SXSW interactive, on Tuesday, March 11th, 2014 for the HTF Startup Celebration!  We’ll be at the Molotov Lounge on West 6th from 6 to 10pm with the Startup Pitch Minutes starting at 8pm sharp.

More details TBA, but we are expecting a group of health technology startups, food, drinks and lots of fun. Our startup presenters will informally demo to groups as you circulate.  Then, starting at 8pm, each startup will have one quick minute to pitch their value to the crowd.  Come join us as we celebrate the health technology startup community!

During the evening Pronoy Saha, HTF Founder in from San Francisco, will announce the upcoming 3rd Annual 2014 HTF

Please RSVP at the Austin HTF meet up page if you plan to join us.  CLICK HERE.

If you are a healthcare technology start up and would like to have the opportunity to demonstrate and pitch your product, please click here to submit a request.

Interested in volunteering for this event? Please register here.


SXSW Startup Celebration Details

Date: Tuesday March 11, 2014

Time: 6-10 pm

Where: Molotov Lounge, 719 W 6th St, Austin

Cost: Free to HTF members; $100 for startup presenters

RSVP here on the HTF Austin Page.


The First HTF Demo and Happy Hour was a Success!

Pronoy Saha announces HTF Expansion Plans

Our first demo happy hour was a tremendous success and the feedback has been overwhelmingly positive. We had five startups, four presenting a healthcare service and one with a product offering. I counted four others in attendance that have startups in various phases of the early startup runway. All attendees were on fire from their individual perspectives. Thanks to all who came out.

Here is a quick recap of our demos and my takeaway from each of them. Thank you to each of these that came out to show us their work.

– Luissette Figueroa, CEO and Co-Founder, Health Innovator Systems. It was a pleasure to meet my counterpart from Austin(she organizes the Austin HTF chapter). Luissette has health technology in her DNA, so to speak: her father Luis, also present last night, built and successfully sold an EMR company in Puerto Rico. Luissette energetically demoed her web-based application HealthPASSKEY that coordinates care by connecting patients with their caregivers, enhancing wellness and communication. At last count last night, she had demoed 11 times. Her product launches in December 2013 – I encourage any organization looking to implement a certified patient portal to get in touch at

– Ravi Kalidindi, Founder, Simple Interact. Ravi’s “patient relationship management” software solution for medical practices, clinics, groups, and hospitals helps them achieve topline growth, and bottom line improvements by building lasting, loyal relationships with their patient base. Simple Interact is currently in beta test and expects to launch by the end of 2013. Ravi is actively seeking discussions with provider practices looking to increase their competitive positioning by strengthening patient loyalty and retention. Please contact Simple Interact at

– Dr. Ann Hawkins and Bob Hood, 24 Hour MD Now. Dr. Hawkins and Mr. Hood demoed their 24/7/365 telehealth service that facilitates access to a medical doctor by phone, addressing up to 70% of doctor office visits. 24 Hour MD Now was recently a finalist in a startup competition with 100 others at TCU. Learn more at

– Naveen Khan, Founder and CEO, PT PAL. Naveen’s service brings user-centered physical therapy to patients anytime, anywhere. PT PAL is a game-changer in healthcare, increasing compliance with physical therapy and throughput of patients. Learn more at or find the PT PAL app by searching the app store or google play.

– Felix Gutierrez Jr, Founder and CEO, Biometric Data Solutions. Biometric Data Solutions (BDS) offers advanced verification for employees in every industry. Because biometric systems identify people through physical measurements of unique human characteristics or behavior, they thwart attempts of time and or service fraud. The BDS product offering is particularly suited to home health and would reduce up to 95% of associated fraud. Felix is seeking governmental or industry contacts that have influence over authentication and access system buying decisions. Contact Felix at

Thank you to all who demoed tirelessly for the 2 hour event.

In other HTF news, we are planning a social at SXSWi in March and the 2nd Annual HTF Innovation Conference will be in late April or early May in San Francisco. The best way to keep abreast of these and all HTF events is by being a member of our meetup site at I would also encourage you to join the home chapter in San Francisco, as the member of 3000+ has an active discussion.

The organization continues to grow worldwide with over 4000 members in 13+ chapters on 4 continents. Leadership is expanding at the chapter level with positions available for Advisory, Organizer, Industry Liaison, Street Team and Intern roles. Please contact local chapter organizers for more information. As always, our greatest proponents are our members. Thank you and please continue to spread the word to colleagues and let me know if you’d like to participate in our street team to help grow event attendance and group membership.

Stay tuned for our next local event, to be announced soon, which will most likely be held on the 21st of November.

Come together for health,
Eric McQuaid

Health Technology Forum: October 29th, 2013: Demos and Happy Hour!

Please join us at this or future events by signing up at

Tuesday, October 29, 2013
5:00 PM to 7:00 PM

Blue Mesa Plano
8200 Dallas Pkwy Plano, TX 75024
(214) 387-4407

Please join us tonight Tuesday, October 29, 2013 for an HTF Demo Day and Happy Hour.  We will be at Blue Mesa in Plano from 5 to 7pm.  The Taco Bar is free until 6:30.  Cash bar with some drink specials.

The demos planned are:

– Luissette Figueroa, CEO and Co-Founder, Health Innovator Systems, will demo a web-based application that coordinates care by integrating patients in their healthcare wellness and enhancing communication with their caregivers.

– Ravi Kalidindi, Founder, Simple Interact, will demo a “patient relationship management” software solution for medical practices, clinics, groups, and hospitals. It helps them achieve topline growth, and bottom line improvements by building lasting, loyal relationships with their patient base.

– Dr. Ann Hawkins and Bob Hood24 Hour MD Now, will demo a 24/7/365 access to a medical doctor by phone addressing up to 70% of doctor office visits which can be handled effectively with a telehealth service.

– Naveen Khan, Founder and CEO, PT PAL.  User-centered Physical Therapy, Anytime, Anywhere.  PT PAL is a game-changer in healthcare. Increasing compliance with physical therapy and throughput of patients.

Please RSVP! Upon arrival, get your nametag and write, in 4 words or less, anything about health tech that interests or defines you (e.g., mobile fitness app creator, healthcare serial entrepreneur, investor, physician, etc.) Find others wearing nametags & introduce yourself!

Pronoy Saha, HTF Founder, in from San Francisco, will discuss the global expansion of HTF and plans for the future, including the upcoming SXSW HTF Event and the 3rd Annual 2014 HTF Innovation Conference and more.

Our four demo presenters will informally demo to small groups as you circulate and chat with the presenters.

– Please contact me asap if you would like to participate with a demo. –

Thank you and we look forward to seeing you!


This event is brought to you by the Health Technology Forum.

Come together for health,


Health Technology Forum Meetup


Multizone audio for home or office

Multizone audio for home or office

 F3 Media ServerReQuest has a long history of providing the sonic ambience that provides a finishing touch to a night of luxury fine dining.

Hotels, restaurants, retail environments – wherever a business owner wants true control, a deeper catalog, or just a personal touch, ReQuest can provide the means.

ReQuest servers mirror each other automatically and can be easily controlled with any computer or mobile device, making it an ideal solution for a multi-location customer-facing environment.


F3 packs all the power of ReQuest’s multi-zone Serious Play servers into a compact powerhouse. With the ability to add up to three NAS devices, F3 can handle your entire family’s music collection with ease.


Serious Play 7 now enables you to stream from dozens of new music and audio entertainment sources including (specific services subject to change):

Absolute Radio UK, AccuRadio, BBC, CBC, CBS Radio,, Digitally Imported,, Live365, Live Music Archive, MOG, Orange Liveradio, Pandora, RadioFeeds UK & Ireland, Radioio, Radionomy, SHOUTcast, SiriusXM Internet Radio,, Slacker, SomaFM, Spotify and TuneIn Radio

Looking for the most pristine listening experience available? F3 servers will play HD Audio. Available now at, 96kHz/24-bit HD Audio brings the most realistic sound and greatest sonic detail available to any music file format. With a fanless chassis and optional solid state hard drive, your music is all you will hear.

Automatic dual encoding allows you to listen to high quality music at home while having smaller files for iPods and streaming. NetSync for iTuneslets you keep all your personal music libraries seamlessly in sync with your ReQuest library. Multi-Location Sync enables ReQuest owners with multiple homes to enjoy the same great music in both locations.

Adding a MediaPlayer Mini or PLUS brings the true power of F3 to your wide screen hi-def television, playing your archived movie collection, YouTube clips, Hulu, and your Netflix “Watch Instantly” queue. The MediaPlayer even acts like another audio zone, allowing you to stream your music collection to your connected home theater system.

Whenever you add a new TV or entertainment system, just connect a new MediaPlayer and your entire collection shows up in that room as well!

Please call us today for a quick consultation to provide your custom quotation.

Health Technology Forum: September 19th, 6 – 8 pm: How to Lock Down & Certify Your Cloud for Healthcare

Please join us at this or future events by signing up at

Thursday, September 19, 2013
6:00 PM to 8:00 PM

Maggiano’s Little Italy
6001 West Park Boulevard, Plano, TX

How to Lock Down & Certify Your Cloud for Healthcare helps healthcare IT professionals understand how the cloud can positively impact their business and how to take steps that ensure compliance standards are met. Kurt Hagerman, director of information security at FireHost, and Michael Frederick, vice president of assurance services at HITRUST, will lead this informative session.

– Why secure cloud computing benefits healthcare organizations, and how to ensure a healthcare cloud is secure, compliant and performing optimally
– How to meet/exceed healthcare specific compliance mandates
– The value of the HITRUST Common Security Framework (CSF) for managing HIPAA security requirements
– Why HITRUST CSF helps healthcare IT pros save time and budget on audits
– How to effectively supplement corporate, enterprise IT with specialized and secure, outsourced infrastructure and managed services

We would like to invite you and your colleagues to Maggiano’s in Plano on September 19th between 6pm-8pm for appetizers, drinks, and a discussion about the latest in security and certification for healthcare technology.

You’re encouraged to RSVP for this event, as we have limited seating.

Kurt Hagerman, Director of Information Security, FireHost
Michael Frederick, VP Assurance Services, HITRUST

6:00 pm – 6:45 pm Welcome, networking, refreshments
6:45 pm – 6:55 pm HTF Progress Report, News, Sponsor Recognition
6:55 pm – 7:00 pm Speaker Introductions
7:00 pm – 7:40 pm Presentations
7:00 pm – 7:20 pm Kurt Hagerman, FireHost
7:20 pm – 7:40 pm Michael Frederick, HITRUST
7:40 pm – 7:50 pm Forum Q&A
7:50 pm – 8:00 pm Closing, networking with speakers & organizers

Kurt Hagerman, Director of Information Security, FireHost

As the director of information security at FireHost, Kurt Hagerman oversees all compliance-related and security initiatives. Hagerman is responsible for helping FireHost with the attainment of ISO, PCI, HIPAA and other certifications, which allows FireHost customers to more easily achieve the necessary compliances for their own businesses. His position further includes merging information security and compliance into one organization, and enacting a strong security program where levels of compliance are by-products.

Hagerman was a senior engineer for both Exodus Communications and Telesphere Networks. He also held the position of security evangelist within SAVVIS, after which he spent time as the managing director of Coalfire Systems. Hagerman holds his Bachelor of Science degree in Industrial Management from Purdue University.

Michael Frederick, VP Assurance Services, HITRUST

Michael Frederick has 20+ years experience in information security. He is currently the Vice President of Assurance Services at HITRUST. Prior to joining HITRUST he was CEO of The Frederick Group, a professional services firm focused on security risk management in healthcare. He served as Chief Information Security Officer (CISO) for eight years at a large healthcare system. While in this role, he led the organization in becoming the first hospital system to be certified under the HITRUST Common Security Framework™ (CSF) and was the industry lead in the provider space during the development of the CSF. He has been a speaker at numerous security events and has been published on the topics of risk management, applying security practices within an organization, and how to build an effective security organization. Prior to his CISO role, he was a security architect, security manager in industry and a security consultant in various large accounting firms. He has been a Certified Information System Security Professional (CISSP) since 1999.

As usual with our panelist format, audience interaction is welcome and encouraged.

This event is brought to you by the Health Technology Forum and FireHost.

About FireHost
FireHost is a secure cloud hosting company focused on protecting companies’ sensitive data and brand reputations with an architecture built for security, scalability and performance. Customers with specific compliance or performance needs subscribe to FireHost’s PCI, HIPAA or high traffic solutions, including some of the largest companies in the world, as well as many fast growing eCommerce, SaaS and healthcare IT providers. FireHost provides services from Dallas, Phoenix, London and Amsterdam.


Please join us for this exciting conversation on the role of security frameworks  in healthcare!

Come together for health,


Health Technology Forum Meetup