In this episode of The Clear Perspective, Kim Singletary sits down with Jacob Goodson, Principal Consultant and Virtual CISO at Clearwater, to explore how strategic cybersecurity and compliance planning can support operational scalability, ensure regulatory compliance, and drive business success—whether through organic growth, acquisition, or partnerships.
PCI DSS 4.0 introduces new guidelines that require organizations to define, evaluate, and document significant changes in their cardholder data environments. But what exactly counts as a “significant change,” and how should businesses categorize and track them? Our expert guests provide practical insights and recommendations to help organizations stay compliant.
In this episode, we discuss some challenges first-time clients encounter when seeking HITRUST. Clearwater HITRUST Assessors will discuss the paths of a validated e1 and an i1 certification and clarify the various ways to indicate how an organization assesses and responds to the controls it has in scope for its assessment. They also discuss when and how to use the non-applicable vs. zero population. If you’re curious about these nuances, listen to the discussion.
Clearwater received top rankings for its robust cybersecurity framework and compliance solutions.
With the recent announcement of proposed changes to the HIPAA Security Rule, the U.S. Department Health and Human Services (HHS) has signaled a desire to strengthen the cybersecurity practices of regulated entities by updating the Rule’s standards to better address...
How Security Leaders Can Build Stronger Defenses Against Rising Vulnerabilities
7 Texas Health and Human Services Workers Fired in Incident Affecting 61,000 People
The Department of Health and Human Services Office for Civil Rights (OCR) has made risk analysis a top priority in its enforcement of Health Insurance Portability and Accountability Act (HIPAA) compliance. Dawn Morgenstern, Senior Director of Consulting Services and...
Andrew Mahler, Vice President of Privacy and Compliance Services, Clearwater, speaks with Jordan Cohen, Partner, Akerman LLP, about managing cybersecurity and data privacy risk during the due diligence process for health care transactions. They discuss the five key...
In Part 1 of this blog, I provide an overview of OCR’s proposed changes to the HIPAA Security Rule, some commentary on the background, rationale and the potential impact on healthcare, descriptions of key changes in definitions, and OCR’s broader themes. In Part 2, I will dive into specific proposed new or updated standards and implementation specifications and speculate on what may happen next.