For over a decade, the HIPAA Security Rule has required covered entities and business associates to engage in risk analysis and management. But due to the recent surges in data breaches within the healthcare sector, it's time to embrace an information asset-based approach to risk analysis.
Healthcare organizations invest billions of dollars in security solutions to safeguard sensitive patient data—but are those solutions working as intended?
A 2020 report by Cybersecurity Ventures predicted that the healthcare industry will spend $125 billion cumulatively on cybersecurity from 2020 to 2025, growing...
"Stop waiting; start preparing." This is the message from Robert Teague and Thomas Graham of Redspin, a division of Clearwater, regarding the U.S. Department of Defense's Cybersecurity Maturity Model Certification. CMMC is coming, they say, and now is the time to get ready.
It’s not uncommon for hospitals and health systems to have questions about what they need to do when it comes to technical testing to be in compliance with the HIPAA Security Rule. Unfortunately, there is no one-size-fits-all answer for every organization, and there's much more to technical testing than checking a...
Artificial intelligence offers huge opportunities to improve healthcare. Yet with that opportunity comes significant cybersecurity risks.
Healthcare leaders must be equipped to navigate an increasingly complex AI landscape, manage risks and unlock the full benefits of AI to deliver enhanced patient care. During...
The threat landscape has evolved significantly in the past year or so - particularly for small to midsize healthcare entities. Steve Akers of Clearwater says these organizations are particularly vulnerable because their first-line cyber defenders are their highest risk variable.
Healthcare is under siege from relentless cyber attacks, all while grappling with IT and clinical staff shortages. Shockingly, a recent report reveals 93% of healthcare organizations have suffered breaches in the last two years.
With stolen credentials like passwords, external attackers can pursue more entitled,...
If you've ever confused the three assessments required under the HIPAA security rule or interchanged one to meet multiple requirements—you're not alone. But knowing the differences is critical because, at best, confusing them is risky and non-compliant, but worse, it leaves gaps in your cybersecurity strategy that...
Healthcare data regulations and compliance are always changing due to a plethora of reasons, from natural disasters and global pandemics, to technological advancements and more.
Restructuring an entire data management process whilst maintaining large scale operations that prioritise saving human lives is no small...
As a fast-growing company with a startup mentality, a mid-sized healthcare company needed a detection and response security solution that acted like an extension of their current team. But they were frustrated by the decline in their existing cyber security reliability.
“Honestly, it was just frustrating. A lot...
Struggling to Balance Security and Compliance in Healthcare? See How One Company Succeeded
As an IT leader at a mid-sized healthcare organization, you face immense pressure:
Meet HIPAA, PCI DSS, and other strict compliance regulations
Detect and respond to constant cyber threats
Modernize infrastructure and...
When it comes to managing cyber risk, hospitals and health systems often find themselves racing to check a box or meet an annual deadline. Owensboro Health's Chief Information Security Officer (CISO), Jackie Mattingly, decided to find a better approach. Because Owensboro had already experienced a breach years prior,...
Resilience, not just compliance, is becoming healthcare's primary goal in managing cyber risk. Moving to a more resilient state requires continuous cyber risk management, which requires knowing how an adversary thinks and attacks to ensure that the appropriate safeguards are in place.
What does it look like when an attacker accesses your network, and how can you mitigate the threat before it becomes a crisis?
This eBook reveals the various ways a real-life attack played out within the environment of a healthcare business associate. It documents how the attack happened and the moves and...
Understanding how your digital health vendors approach cybersecurity, assess and respond to risk, and plan for incident response is critical to protecting your organization. Here is a set of steps to determine if your vendor is serious about their role in protecting patients.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
