Union Benefits Administrator Says Data Deleted in Hack

by admin | Jun 15, 2021 | In the News

Business Associate to Business Associate: Selecting an Information Security and Privacy Framework

by Henry Sprafkin | Jun 7, 2021 | Blog

The first two installments in this series focused on risk management and risk-based control selection. While not a requirement, it is best to build the security control library based on an established control framework. There are over 200 different risk management,...

Health Data for Millions Deleted From Cloud Bucket

by admin | Jun 3, 2021 | In the News

8 Key Terms to Drive a Productive Dialogue About Enterprise Cyber Risk Management

by Bob Chaput | Jun 1, 2021 | Blog

When the executive team and board are discussing this quarter’s financial results, it is important that everyone understands terms like revenue, operating margin, and net income. Any ambiguity in the understanding of those terms can lead to miscommunication....

The Realities and Legalities of Risk Analysis and Risk Management in Healthcare

by Jon Moore | May 17, 2021 | Blog

Under the HIPAA Security Rule, covered entities and business associates are required to perform risk analysis on all systems that create, receive, maintain, or transmit electronic protected health information. In 2010, the Office for Civil Rights (OCR) published...