HHS Office for Civil Rights (OCR)’s April 3, 2019 cybersecurity newsletter highlights one of the more challenging cybersecurity vulnerabilities faced by covered entities and business associates.  OCR reminds covered entities (CEs) and business associates (BAs) that compliance with the HIPAA Security Rule can help, but stops a bit short of providing concrete guidance as to