Introduction: As the world is more connected to digital life, state and federal agencies are issuing a growing number of standards and mandates focused on data privacy and protection. Across the U.S., many states—for example, California, Nevada, and Maine—have already...
Risky Business: How to Conduct a NIST-based Risk Analysis to Comply with the HIPAA Security Rule
In addition to being a HIPAA Security Rule requirement, conducting regular risk analyses is a fundamental business practice, yet many healthcare organizations struggle with the basics, from understanding... Introduction: Despite many warnings from the Office for Civil...
Build A Culture of Compliance Through Principle-Based Policy Governance
Introduction: Organizations of all sizes struggle with embedding policies and procedures successfully into their day-to-day operations. That’s because for many, these policies fill binders and shared drives, overwhelming employees with pages and pages of instruction...
Entities Dealing With Email Breach, IT Systems/Phone Outage
Latest Incidents Foreshadow Challenges Heading Into New Year
Report Dissects Conti Ransomware Attack on Ireland’s HSE
Outlines Key Shortcomings That Country’s National Health System Must Address
Keys to an Effective HIPAA Data Breach Response
Wes Morris, Managing Principal Consultant, Clearwater, speaks with Andrea Lee Linna, Partner, McGuireWoods, about the key steps that can make the difference between an organization's effective response to a HIPAA data breach and one that sets it down a troublesome...
How to stop ransomware? It starts with an enterprise risk management program
“It’s not about ultimate security. It’s about doing what’s right for the organization, and it should be business-driven,” said one expert at the HIMSS Healthcare Cybersecurity Forum.
Convincing healthcare boards of cybersecurity needs
Clearwater Compliance vice president for consulting services Cathie Brown stresses the need for cybersecurity collaboration between the board and IT pros.
Technical Testing and the HIPAA Security Rule: What’s Needed to Safeguard Your Organization
This presentation is a recording of a web event given on 11/23/2021 by Clearwater Consultant Chris Dowhan, OSCP, GREM, GWAPT. Overview: As defined in 45 CFR §164.308(a)(8), technical evaluations are a part of the HIPAA Security Rule, but with no testing methodology or...
Ohio Hospital Still Struggling One Week After Cyberattack
How Can Other Healthcare Entities Better Prepare for Disruptive Attacks?