Compliance Tips

An article released by Gartner reported that by the year 2025, cyberattackers will have weaponized operational technology (OT) environments to successfully harm or kill humans. OT attacks, also known as attacks on hardware and software that monitors or controls equipment, assets, and processes, are on the rise. Consider the ransomware attack on the Colonial Pipeline, for example. Effects were felt up and down the East Coast, resulting in a payout of $4.4 million and damage to hospitals, emergency medical services, and law enforcement agencies.

When looking for a new GRC software platform, it’s important to have one with all the latest features including task management, audits, and more.

In today’s ever-changing cyber landscape, we talk a lot about what measures to take if you have experienced a data breach or ransomware attack. Who do I call if my patient’s health information has been comprised? Do I need to pay the ransom? How long will my organization be down and disrupt the continuity of care?

The news late last year around Project Nightingale aroused interest from both healthcare organizations and the public on how and when protected health information (PHI) should be shared. With new technologies, new entrants to the healthcare market, how can healthcare providers balance HIPAA, cybersecurity protections, and the need to easily share data to improve patient care?

Looking to fill resource gaps on your IT team? Virtual CISO consulting services could be the answer – learn 4 reasons to consider hiring a vCISO

Are you looking to purchase vendor risk management software for your healthcare organization? Our fundamental guide outlines the features and functionality to look for when evaluating solutions, along with an expanded definition of what constitutes a “business associate” and the types of business data to be protected when working with third parties.

Over the course of 2019, we covered a variety of security and compliance topics, including security risk audits, HIPAA compliance, employee compliance training, and executive leadership and IT governance.

Though these issues are still relevant going into a new decade, we predict a renewed – or even evolved – outlook on four specific areas of security and compliance strategy.