All Posts By

admin

Taking Control of Third Party Risk in Healthcare

By | Press/News

Data breaches are on the minds of every C-suite executive in healthcare. Third parties (i.e., vendors) with access to organizations’ protected health information (PHI) and/or personally identifiable information (PII) represent a significant risk for data breaches to the organization.

The Information Systems Audit and Control Association (ISACA) defines TPRM as “The process of analyzing and controlling risks presented to your company, your data, your operations and your finances by parties OTHER than your own company.” Read More

Zero Trust Architecture and the Future of Networking

By | Articles
By Joshua Perri

In today’s networks, having a strong defense at the perimeter-points is not sufficient to keep your data safe. The IT landscape moves very quickly and so do the threats that we face. Strong networks will implement additional defenses to protect the internal boundary points. These additional defenses will ideally vary in strength and type between segments, which house varying sensitivity levels of data. The Healthcare industry has been slowly adopting stricter network segmentation and role-based access throughout the entirety of its networks.

Have a question? Speak with one of our cybersecurity experts Read More

Tabletop Exercises: Unappreciated and Underutilized

By | Articles

Value for healthcare security – Not just a government planning tool

Government defense and response agencies from the Pentagon to FEMA, from state government to the EPA, have been conducting tabletop exercises (TTXs) for years. Why? In a word: they work. Cybersecurity attacks have been increasing in numbers and complexity against our government’s critical infrastructures and led to the development of cybersecurity exercises as a strategic way for an organization to test their detection and response actions, and as well as their response to information security threats and vulnerabilities in a real-time environment. Read More

What is HITRUST and how can it Benefit your Organization?

By | Articles

Today, covered entities and business associates are addressing a wide-range of regulatory requirements necessary to solve the growing complexities in the healthcare industry. Evolving technologies, migration to the Cloud, and cyber threats like ransomware are just a few top-of-the-mind issues. Combine those with regulations under HIPAA, Meaningful Use, PCI, COBIT and ISO, and you will find that covered entities and business associates need a way to manage their security programs more effectively. Read More

Take a Fresh Look at Your Annual Security Risk Assessment

By | Press/News

The importance of a security risk assessment is clear: It helps healthcare organizations ensure their physical, technical and administrative safeguards are compliant with HIPAA requirements. It also assists in showing areas where an organization might be putting PHI and other sensitive information at risk.

All PHI and electronic PHI (ePHI) that a facility creates, receives, maintains or transmits must be protected, and a risk assessment is an important part of this process.

Take a fresh look at your annual Security Risk Assessment (SRA)

By | Articles

Organizational Resilience and Security Risk Assessments

The importance of a Security Risk Assessment is clear — it helps healthcare organizations ensure their physical, technical, and administrative safeguards are compliant with HIPAA requirements. It also assists in showing areas where an organization might be putting PHI and other sensitive information at risk.
Read More