Compliance Tips

An article released by Gartner reported that by the year 2025, cyberattackers will have weaponized operational technology (OT) environments to successfully harm or kill humans. OT attacks, also known as attacks on hardware and software that monitors or controls equipment, assets, and processes, are on the rise. Consider the ransomware attack on the Colonial Pipeline, for example. Effects were felt up and down the East Coast, resulting in a payout of $4.4 million and damage to hospitals, emergency medical services, and law enforcement agencies.

When looking for a new GRC software platform, it’s important to have one with all the latest features including task management, audits, and more.

Healthcare risk doesn’t stop at the facility’s door. Covered entities have countless business associates (BA), each of which poses risks of its own. That, in and of itself, is a challenge, but Gerry Blass, President and CEO of ComplyAssistant observes in this podcast that many covered entities aren’t even sure of their complete list of vendors, let alone the risks that can reside in them.

In today’s ever-changing cyber landscape, we talk a lot about what measures to take if you have experienced a data breach or ransomware attack. Who do I call if my patient’s health information has been comprised? Do I need to pay the ransom? How long will my organization be down and disrupt the continuity of care?

In today’s busy world it’s not uncommon for organizations to outsource work to third-party vendors. This can be a great benefit for many reasons: less pressure on the internal team, more time for other pressing tasks, expertise in areas that require more guidance and operational control and efficiency, to name a few.

The world of health information management (HIM) continues to evolve. Larger percentages of information have moved to digital and online. At the same time, more health data is being shared across a wider playing field of public, private, and consumer stakeholders, including a larger virtual workforce. This vast amount of electronic healthcare data now resting in multiple hands raises the bar for health systems’ cybersecurity diligence.

ComplyAssistant’s President and CEO Gerry Blass and Community Options’ Director of Technology Jason Tahaney recently authored an article in HCCA’s Compliance Today magazine titled “How Simplifying your IT Environment can Bolster Security.” The article provided important tips and best practices for CIOs to keep in mind. As the present-day cybersecurity environment continues to be ravaged by hackers and scammers, this article serves as a reminder that sometimes the best tools for mitigating risk are in your own backyard.

ComplyAssistant President and CEO Gerry Blass recently sat down with Healthcare IT Today Editor and Founder John Lynn to discuss “The Impact of Ransomware on Healthcare Disaster Recovery and Business Continuity and Practical Steps to Improve.” Throughout the conversation, Blass shared his expert advice on why all organizations need a Disaster Recovery Business Continuity (DRBC) plan and offered useful tips for mitigating risks within your organization.

In the aftermath of the COVID-19 pandemic, it’s more important than ever for healthcare providers to maintain industry standards for patient care within their respective enterprises. State departments of health (DOHs) are taking a closer look at emergency preparedness plans with a more intentional focus on pandemic response through the implementation of spot or “surprise” audits.