by Kim Singletary | Oct 6, 2025 | Expert Advice
As a vCISO for small and medium hospitals, I’ve learned one lesson: don’t start with technology, start with governance. This shift often determines whether a hospital’s compliance program succeeds or struggles. It’s tempting to assume that buying tools or...
by Kim Singletary | Oct 1, 2025 | Expert Advice
Too often, security is viewed as an external control imposed by technology teams, rather than a shared responsibility tied to patient safety and organizational resilience. When security is siloed, healthcare staff may miss the connection between protecting systems and...
by Kim Singletary | Oct 1, 2025 | Expert Advice
When people think about healthcare security, they usually imagine passwords, firewalls, and protecting patient data online. However, physical security (such as locked doors, cameras, and safety procedures) is just as important. If someone can walk into a clinic and...
by Kim Singletary | Aug 4, 2025 | Blog
A review of OCR Enforcement Findings from 2025 (March-July) OCR’s latest enforcement push is driving healthcare organizations to conduct a thorough review of their HIPAA risk analysis to find any weaknesses or gaps — before the agency does. OCR Risk Analysis update...
by Kim Singletary | Mar 24, 2025 | Blog
Update: On April 16, 2025 the Cybersecurity & Infrastructure Security Agency (CISA) Released Guidance on Credential Risks Associated with Potential Legacy Oracle Cloud Compromise. The alert and CISA recommendations can be found here- CISA Releases Guidance on...
