At its core, HIPAA compliance is simply about maintaining patient privacy by ensuring the appropriate access to and use of patient data by your users. Electronic Health Record (EHR) solutions provide detail around when patient data is accessed, but without visibility into what users do with sensitive patient data...
CynergisTek's 2018 report aggregated ratings from security assessments performed at hundreds of healthcare organizations in 2017 to reveal an average 45% conformance with NIST Cybersecurity Framework (NIST CSF). The report found that of the NIST CSF five Core Elements, organizations had the lowest ratings in detecting...
The high-profile breaches of Fortune 100 companies are the ones that get the headlines, but small and midsized businesses should not breathe any sighs of relief. They are very much still targets, says Austin Murphy of CrowdStrike. He offers cybersecurity advice to SMBs.
With advances in big data, artificial intelligence, machine learning and more, healthcare is primed to innovate. But do HIPAA, GDPR and other regulatory standards inhibit the ability to innovate? This whitepaper discusses healthcare's complex convergence of innovation and compliance.
While this is a very...
Many banking institutions boast of being "digital first" and enabling "omnichannel banking." But are they fully aware of the new fraud risks they also are inviting? This whitepaper takes a deep dive into discussing how to mitigate omnichannel fraud and why it is not just a banking issue. There is a need for...
CynergisTek's 2018 report aggregated ratings from security assessments performed at hundreds of healthcare organizations in 2017 to reveal an average 45% conformance with NIST Cybersecurity Framework (NIST CSF). The report found that of the NIST CSF five Core Elements, organizations had the lowest ratings in detecting...
With the explosion of laptops, IoT, tablets, smartphones and other smart technologies, endpoints are the single largest group of devices inside your network today. Managing all of your assets and their software requires three foundational steps.
Despite the White House's request for deep budget cuts, Congress passed and President Trump signed into law last week flat funding for the current fiscal year for the two federal agencies responsible for health information privacy and security issues, including HIPAA enforcement.
We all know that our organization's data may exist on the dark web. Much like a dollar bill of any demonetization looks and feels basically the same, a $1 bill is not worth the same as a $50 or a $100, your organization's potential risk equates to how much your exposed data is worth.
So, how do organizations...
Governing cyber risk across Europe and the UK does not have to feel like crossing a minefield. In this webinar, Andy Norton of Lastline provides insight into the simple traps that organizations fall into, how to correctly estimate the probability of a data breach and how to ensure appropriate remediation if a threat...
Governing cyber risk does not have to feel like crossing a minefield. In this webinar, Andy Norton of Lastline provides insight into the simple traps that organizations fall into, how to correctly estimate the probability of a data breach and how to ensure appropriate remediation if a threat takes place.
Andy will...
Based on the feedback it received, the Office of the National Coordinator for Health IT will consider making tweaks to its proposed Trusted Exchange Framework and Common Agreement, including provisions related to privacy and security, says ONC's Genevieve Morris.
The Cyber Kill Chain model describes how attackers use a common cycle of methods to compromise an organization. IT security leaders can use this research to align security programs to adversaries and improve their ability to predict, prevent, detect and respond to threats.
Download this Gartner Report in which...
With the advent of technology in personal healthcare - internet connected glucose monitors, intravenous blood pressure monitoring, personal best friend emotional bots - a lot of highly sensitive data that's rampantly traversing the airwaves. The impact of this data getting in the wrong hands is just starting to be...
Some healthcare industry stakeholders say the Trusted Exchange Framework that HHS proposes to promote secure, interoperable nationwide health data exchange, while a good starting point, lacks clarity on certain security and privacy issues.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
