by Kim Singletary | Jun 5, 2026 | Blog
Many hospitals assume that deploying a DEA-compliant, certified electronic prescribing for controlled substances (EPCS) platform is sufficient to maintain compliance indefinitely. On the surface, that assumption seems reasonable. If the core platform is certified and...
by Kim Singletary | Jun 4, 2026 | Blog
Author: Tyler L. Jones, Principal Cybersecurity Analyst | Security Operations The post presents an in-depth forensic analysis of a highly sophisticated, zero-reputation malware campaign attributed to the Termite ransomware threat group. The adversary used bespoke...
by Kim Singletary | Jun 4, 2026 | Blog
What Are Immutable Backups? An immutable backup is a backup copy stored so that, once written, it cannot be changed or deleted until a pre-set retention period expires. Immutability is enforced by the storage system or a separate security boundary, not just a software...
by Kim Singletary | Jun 3, 2026 | Blog
In HITRUST, illustrative procedures are not optional examples; they define exactly how assessors test your controls. Miss one evaluative element and your score can drop an entire tier. How Assessors Think and Why it Matters HITRUST scoring has two distinct layers that...
by Kim Singletary | May 20, 2026 | Blog
Why your high-rise lease may deserve a seat at your HITRUST r2 scoping table This post reflects the practitioner’s perspective on a scoping factor that reasonable people read differently. For authoritative guidance, consult HITRUST’s published scoping...
by Kim Singletary | May 13, 2026 | Blog
What Changed, What Assessors Will Scrutinize, and How Healthcare Organizations Should Respond HITRUST released CSF v11.8.0 on May 8, 2026, introducing targeted updates that will directly affect how healthcare organizations prepare for and defend e1, i1, and r2...
