Education, Tip of the Week, Upcoming Events

Upcoming Events 2014 QSEN National Forum

The Quality and Safety Education for Nurses (QSEN) National Forum is taking place in Baltimore, Maryland this year.

Photos uploaded from MDSCI- logos-photos &
Photos uploaded from MDSCI- logos-photos &

Date: May 27-29, 2014

Location:  Baltimore Marriott Inner Harbor at Camden Yards


111 S. Eutaw St

Baltimore, Maryland 21201

Purpose: To attract innovators and nurture faculty and nursing leaders for the improvement of quality and safety education through sharing of:

  1. Innovations in curricular design and teaching strategies that accomplish QSEN competency development
  2. Quality Improvement, Evidence-based practice implementation, or safety projects
  3. Research related to quality and safety education in pre-licensure, advanced practice programs, and clinical practice

Registration online, please visit:

Agenda for printing:

Make your visit complete and see the sights:

National Aquarium in Baltimore, here’s a live  Shark Cam:

Maryland Science Center, where a Live Demonstration takes place all day from nanotechnology to liquid nitrogen and Science on a Sphere

Requests a Free Official Visitor Guide at

Data Breach, News Events, OpenSSL, Trends & Technology

The Heartbleed Bug

heartbleed_bugThe big news in internet security right now is the Heartbleed Bug. Announced this week, it affects OpenSSL versions 1.0.1 through 1.0.1f and 1.0.2-beta. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the site. A successful intruder could obtain your private information from an affected site and impersonate that site until its operators catch on. Since the bug has been in the wild since OpenSSL released version 1.0.1 in March 2012, it is likely that your organization is vulnerable along with many of the sites you frequent throughout the day.

To address this issue in your organization, you need to create an inventory of any web servers and certs using OpenSSL version 1.0.1 and 1.0.2-beta. Once you have that inventory, you can patch affected sites by upgrading to OpenSSL 1.0.1g, released April 7, 2014. Users unable to immediately upgrade can alternatively recompile OpenSSL with the handshake removed from the code by compile time option -DOPENSSL_NO_HEARTBEATS. Version 1.0.2 will be fixed in 1.0.2-beta2. Link:

Then All User populations that logged in via that site have to change their passwords, and any other encrypted sensitive information that got transmitted across that server, with OpenSSL, must be addressed. This might be notification, changing of account numbers, or that no reasonable action can be taken.

A Web based test to see if your server is vulnerable is here:

There is a test utility/proof of concept available here:

Snort signatures to look for malicious Heartbleed activity can be found here:

As a consumer, keep an eye open for popular websites updating their security practices and change your passwords once the bug has been fixed.

This recent announcement is just another reminder to be vigilant with your organization’s data and your personal information.

For more information or to inquire about RISC Management’s Risk Mitigation services, visit our website at