Blog

We know you have many questions. That’s why our team has curated top-notch resources to help you along your healthcare cybersecurity and compliance journey.

Compliance & Cybersecurity & Risk Management Blogs from Industry Experts

Commentary on the Oracle Health Breach

Steve Cagle, Clearwater CEO As many in the healthcare sector are aware, it has been reported that Oracle ...

Potential Oracle Cloud Breach

A significant concern has emerged involving Oracle Cloud services. Reports have surfaced regarding the alleged sale of 6 million records extracted from Oracle Cloud’s Single Sign-On (SSO) and LDAP directories.

Are You Ready For Quantum Day in Healthcare?

From AI-driven diagnostics to wearable smart devices and telehealth breakthroughs, rapid digital transformation drives modern healthcare service delivery. From what was once a tech-resistant industry — and one where many legacy systems still play critical roles in operations — healthcare tech adoption has radically evolved since pre-COVID. With all these breakthroughs and benefits, many covered entities and business associates struggle to keep pace with the increased risk these innovations introduce into the modern healthcare ecosystem. The more technologies, web apps, smart devices, and cloud services your organization adopts, the greater chance of a cyber breach.

Clinical Research Organizations: M&A Goldmine or Cyber Risk Liability?

The market for clinical trials is experiencing significant momentum in mergers and acquisitions (M&A). Private equity (PE) investment in Clinical Research Organizations (CROs) and Site Management Organizations (SMOs) is being spurred by site consolidation, expansion of specialized services, and technology innovation. These firms are important players in the pipeline of drug development and the best targets for investors who wish to capitalize on healthcare innovation.

8 Easy Ways to Prepare for an OCR HIPAA Compliance Audit

The Office for Civil Rights (OCR) has officially launched its third round of HIPAA audits, following previous assessments in 2012 and 2016. Learn 8 easy ways to prepare for an OCR HIPAA compliance audit and safeguard your health information against rising cyber threats. Past audits revealed widespread compliance gaps, prompting increased oversight.

OCR’s Proposed HIPAA Security Rule Notice of Proposed Rulemaking

In Part 1 of this blog, I provide an overview of OCR’s proposed changes to the HIPAA Security Rule, some commentary on the background, rationale and the potential impact on healthcare, descriptions of key changes in definitions, and OCR’s broader themes. In Part 2, I will dive into specific proposed new or updated standards and implementation specifications and speculate on what may happen next.

2024: Year in Review for Healthcare Security & Compliance

Our gift to you: a year-end wrap-up featuring Clearwater highlights and top resources on risk, security, compliance, and resiliency.

Navigating the HIPAA Privacy Rule for Reproductive Healthcare: Compliance Essentials Before the December 2024 Deadline

In an era where the privacy of reproductive healthcare has become a topic for debate, healthcare organizations face growing fears and challenges over the potential misuse of sensitive patient data. Recent legal developments, coupled with the shifts following the Dobbs v. Jackson decision, have shown the urgent need for robust safeguards. Notably, the December 23, 2024 compliance deadline for the HIPAA Privacy Rule Final Rule to Support Reproductive Health Care Privacy offers a pivotal moment to address these concerns.

The Health Care Cybersecurity and Resiliency Act of 2024: Key Takeaways and Implications

The Cybersecurity and Resiliency Act (HCCRA) of 2024 is yet another proposed bill aimed at strengthening the healthcare sector’s cybersecurity posture and resilience. It focuses on improving coordination between government organizations, updating cybersecurity standards, increasing breach reporting requirements, and providing grants to rural healthcare organizations that lack both financial and human resources needed to address growing cybersecurity vulnerabilities and increasing threats.

Experts Predict Increasing Digital Health Investment in 2025: Innovators Can Turn Cybersecurity into Value Creation

Digital innovation in healthcare continues to march forward, with artificial intelligence (AI) attracting even more attention and contributing to funding patterns across product categories and therapeutic areas. With a strong close to this year, 2024 funding dollars and deal counts could exceed 2023 historicals. This sustained growth demonstrates a healthcare landscape eager for technological advancements and poised to adopt new solutions that can drive efficiency and improve patient outcomes. Investors and innovators alike are seizing this opportunity to make a lasting impact on healthcare systems worldwide.

OCR Doubles Down: Risk Analysis Now a Key Enforcement Priority

Is Your Organization an Attractive Target for Cybercriminals? Office for Civil Rights (OCR) Director Melanie Rainer wants you to consider this question seriously.

Perspective on the Proposed Health Infrastructure Security and Accountability Act

The Health Infrastructure Security and Accountability Act (HISAA) introduced in the U.S. Senate on September 26 is another good step forward in addressing key factors contributing to the healthcare sector’s deficiency in establishing and maintaining adequate cybersecurity controls and risk management programs. While there are many in the sector that are already implementing recognized standards, having mandated standards would help to make sure everyone is playing by the same rules.

No results found.

Sign up for our monthly newsletter discussing hot topics and access to invaluable resources.

Featured Resource

The Most Common HIPAA Cloud Mistakes — and How to Avoid Them

White Papers

WHITE PAPER [Updated August, 2025] Introduction If you’re a healthcare covered entity or business associate, ...