by John Howlett | Mar 9, 2022 | Blog
For nearly two decades, the U.S. Health and Human Services (HHS) Office for Civil Rights (OCR) has been responsible for enforcing HIPAA requirements, starting in 2003 with enforcement of the HIPAA Privacy Rule, and then the HIPAA Security Rule beginning in 2009....
by Bob Chaput | Feb 2, 2021 | Blog
How Enterprise Cyber Risk Management Can Facilitate Compliance Efficiency HIPAA is not the only law that addresses data privacy and security within the healthcare industry. There are many other laws and regulations which apply to specific types of data and/or...
by Jon Moore | Jan 15, 2021 | Blog
Last year, more than a dozen health systems were driven into EHR downtime by ransomware attacks. The EHR is the information system equivalent to the heart of a healthcare provider. All-important patient information flows through these critical information systems. In...
by Jon Moore | Jan 11, 2021 | Blog
Throughout this past fall, international criminal organizations asserted their dominance over the healthcare sector through ransomware. By the end of November, more than a dozen health systems were driven into EHR downtime by ransomware attacks. The pandemic’s...
by Bob Chaput | Jan 5, 2021 | Blog
Over the past 10 years, the healthcare industry’s understanding of cyber risk has evolved through four distinct phases, emphasizing four different aspects of cyber risk. Understanding these four different phases gives context for where healthcare cyber risk...
