Blog

Using your HIPAA Risk Analysis

by Sarah Harvey / June 14, 2023

Congratulations! You’ve completed your initial comprehensive HIPAA risk analysis, no easy task. You’ve gone through the process and planned for and scoped your environment. You’ve identified your risks, threats, and vulnerabilities, and all of the associated requirements necessary to conduct and complete a HIPAA risk analysis. So, now what? Let’s focus on five important steps for using your HIPAA risk analysis; Internal Reporting, Management Responsibilities, Corrective Action, Monitoring, and Auditing.…

Using Your Risk Analysis

by Sarah Harvey / April 12, 2023

What To Do With Your Completed Risk Analysis Completing a comprehensive HIPAA risk analysis is a big achievement and puts you in rare company…but you’re not done yet. Once you've completed your HIPAA risk analysis, your organization should be asking: What are we doing to do with this risk? Has management reviewed this and agreed? How can we use this information to improve? A mature risk management program doesn’t ask,…

Who must be HIPAA Compliant?

by Sarah Harvey / December 19, 2022

Who must be HIPAA Compliant, and how can they prepare? If you are just beginning to learn about HIPAA, you may be wondering, "Who must be HIPAA Compliant?" Up until 2009, the answer was simple: Covered Entities. But when the Health Information Technology for Economic and Clinical Health (HITECH) Act passed, it expanded the oversight of the Office for Civil Rights (OCR) to Business Associates. The HITECH Act was passed…

Compliance is Never Enough: Hardening and System Patching

by Sarah Harvey / December 19, 2022

Best Practices for Patch and Vulnerability Management Programs 75% of the assessments that we do will generally have a finding regarding patching. So, what’s missing? What can we do to change that? In this webinar, Jeff Wilder discusses best practices for patch management programs, best practices for vulnerability management and identification programs, false assumptions about patching, risk ranking, and recommended tools. Patch management should only be a part of…

Best Practices for Managing Firewall and Router Security

by Sarah Harvey / June 14, 2023

When you look at the threat landscape today and the organizations that have experienced a data breach (Target, Home Depot, Arby’s), they all have a common denominator – they were all compliant. They had been checking the boxes like they were asked to do. So, when it seems that compliance isn’t enough, how can we ensure that we are secure? Organizations today should use these examples as motivation to focus…

Using your HIPAA Risk Analysis

Using Your Risk Analysis

Who must be HIPAA Compliant?

Compliance is Never Enough: Hardening and System Patching

Best Practices for Managing Firewall and Router Security

Categories

Newsletter

Learn what you need to get started with our Audit Readiness Guide.