Technical Testing and the HIPAA Security Rule: What’s Needed to Safeguard Your Organization

This presentation is a recording of a web event given on 11/23/2021 by Clearwater Consultant, Chris Dowhan, OSCP, GREM, GWAPT 


As defined in 45 CFR §164.308(a)(8), technical evaluations are a part of the HIPAA Security Rule, but with no testing methodology or requirement specified and enforcement of this area of the Rule by the Office for Civil Rights (OCR) inconsistent, many organizations are unsure as to what steps they need to take to comply. As a result, we find investments are often being made that don’t add significant value from either a compliance or a security standpoint.

During this webinar, Clearwater Senior Principal Consultant Jason Yorty, GXPN, GWAPT, CISSP, will offer insight on how you can take the right steps to test your environment and safeguard your organization.

Specific topics to be discussed include:

  • The difference between vulnerability assessments and penetration tests and the value they both can provide in many cases
  • The shortcomings of automated vulnerability scanning reports
  • Key technical testing steps that every organization should take

Related Blogs

With Us