Understanding the Purpose of NIST CSF Controls

Understanding the Purpose of NIST CSF Controls

The NIST Cybersecurity Framework was first released in 2014 with the purpose of promoting better risk management and innovation across the critical infrastructure sector in the US. Since then, it has been widely adopted around the world across a multitude of industries, including defense, healthcare, and legal.

What are the NIST Framework Core Functions?

What are the NIST Framework Core Functions?

The NIST Cybersecurity Framework seeks to better align business risk management with the rising demands of information security. To that end, it serves as the foundation for any robust cybersecurity strategy, and it is the basis of many industry-specific compliance regimes, such as HIPAA and CMMC.

What the new HIPAA compliance requirements mean for your business

What the new HIPAA compliance requirements mean for your business

Every organization within the healthcare sector, including their suppliers, is legally obliged to take every reasonable step to safeguard the confidentiality, security, and integrity of protected health information (PHI) according to the health insurance portability and accountability act. A failure to comply with HIPAA regulations can result in civil action and substantial fines, as well as ...

A Guide to New and Proposed HIPAA Regulations: What to Expect

A Guide to New and Proposed HIPAA Regulations: What to Expect

It's been several years since the Health Insurance Portability and Accountability Act of 1996 (HIPAA) was last updated, with the most recent changes being those pertaining to the Omnibus Rule in 2013. This revision saw the introduction of new requirements mandated by the Health Information Technology for Economic and Clinical Health (HITECH) Act.

A HIPAA compliance checklist for IT teams

A HIPAA compliance checklist for IT teams

As the digital transformation of healthcare continues to gain ground, adherence to the health insurance portability and accountability act (HIPAA) is more important than ever. The threats are real, and healthcare is a top target for attackers, so it’s never too soon to reevaluate your compliance posture.

5 ways to evaluate HIPAA-compliant storage services

5 ways to evaluate HIPAA-compliant storage services

The health insurance portability and accountability act (HIPAA) was introduced in 1996, when the information technology landscape looked very different to how it does today. As such, it is often difficult to interpret in the context of a modern IT environment, which typically makes use of a wide range of hosted services and mobile technologies. Neither of these things existed in any significant ...

5 HIPAA Compliance Tips to Help You Stay Compliant

5 HIPAA Compliance Tips to Help You Stay Compliant

The healthcare industry is the biggest target for cyberattacks because protected health information (PHI), which healthcare organizations handle on a daily basis, is extremely valuable. According to recent reports, the healthcare industry accounted for 79% of all reported breaches in 2020, with botnets, distributed denial-of-service attacks, and ransomware being the most common cyberthreats.

Why HIPAA Compliance Training Is Critical for Your Business

Why HIPAA Compliance Training Is Critical for Your Business

Does your healthcare facility provide services that require your employees to access and/or disclose a patient's protected health information (PHI)? If so, you should know the importance of complying with the regulations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA).

Why a HIPAA Risk Analysis is Essential to Achieving Compliance

Why a HIPAA Risk Analysis is Essential to Achieving Compliance

Cyberattacks on healthcare organizations are nothing new. In fact, there has been a 45% increase in the number of cyberattacks on healthcare companies since November 2020. Since then, the weekly attacks rose from 430 in October to 626 per organization in November. This is why the Health Insurance Portability and Accountability Act of 1996 (HIPAA) requires all entities handling protected health ...

Examples of Unintentional HIPAA Violations: Ensure You Don’t Make Them

Examples of Unintentional HIPAA Violations: Ensure You Don’t Make Them

Every healthcare organization wants to avoid violating regulations under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). According to HIPAA, only staff involved in patient care, healthcare billing, and other critical processes should have access to patient health information (PHI). Additionally, these people should have only minimal access to private data. In other ...