This presentation is a recording of a web event given on 1/19/2022 by Clearwater Senior Principal Consultant, Adam Nunn Overview As organizations look to invest more in cybersecurity, we recommend they build their program on a recognized framework. The NIST...
In August 2009, the Federal Trade Commission (FTC) issued the Health Breach Notification Rule (Breach Rule), which requires vendors of personal health records and related entities to provide notice to consumers following a breach. After over a decade without any...
Ranking in Black Book’s Survey of Nearly 3,000 Security and IT Professionals Affirms Breadth and Strength of Company’s Expertise and Capabilities
In statements throughout his tenure as Director of HHS' Office for Civil Rights from 2017-2021, Roger Severino was repeatedly critical of organizations for not performing a risk analysis or taking action to mitigate identified risks, as required by the HIPAA Security...
Incident Is Latest Reminder of Business Associate Security Risks
Introduction The HIPAA Security Rule, is a set of national standards designed to help organizations protect PHI that’s created, received, used, or maintained by a healthcare covered entity, with compliance expectations that extend to business associates as well....
Introduction Across the healthcare industry, large physician groups are becoming increasingly common, as investors bring disparate physician practices together to keep up with healthcare challenges and ever-more complex treatment and service delivery needs. Today,...
Protecting PHI: The Buck Stops Here for BAs Introduction With both increased OCR investigations and settlements, many healthcare organizations and business associates are now requesting professional guidance and employing industry recognized tools to help better...
Introduction As the world is more connected to digital life, state and federal agencies are issuing a growing number of standards and mandates focused on data privacy and protection. Across the U.S., many states—for example, California, Nevada, and Maine—have already...
By Bob Chaput, CISSP, HCISPP, CRISC, CIPP/US C/EH Founder & Executive Chairman Introduction The business case for cyber risk management is clear. A cyber incident can lead to consequences that threaten the care and safety of patients. Cyber incidents can also...