Road to HIPAA Compliance: Privacy Rule – Privacy Notices and Consumer Complaints

by KirkpatrickPrice / December 19, 2022

What is the Privacy Rule?

If you’ve been following along with our Road to HIPAA Compliance webinar series, congratulations - we’ve made it to the middle of the road! We are halfway to knowing all about HIPAA compliance. In this session, we’re covering the Privacy Rule, Notice of Privacy Practices, and handling consumer complaints. The Privacy Rule exists so that patients know they have rights, and that those rights…


PCI Readiness Series: PCI Requirement 9

by KirkpatrickPrice / December 19, 2022

PCI Requirement 9: Restrict Physical Access to Cardholder Data

PCI Requirement 9 evaluates all aspects of physical security controls to cardholder data – updated devices, visitor badges, security cameras, etc. The PCI DSS states, "Any physical access to data or systems that house cardholder data provides the opportunity for individuals to access devices or data and to remove systems or hardcopies, and should be appropriately restricted." There are ten sub-requirements…

A HITRUST CSF Audit Can Take the Guesswork out of HIPAA Compliance Assessments

by Sarah Harvey / June 14, 2023

Are you looking for a healthcare compliance audit solution? Has someone asked your organization to demonstrate that you are HIPAA certified? Are you confused by what “HIPAA certified” even means? KirkpatrickPrice offers SOC 2 audits with a HITRUST CSF (common security framework) component designed to take the confusion and guesswork out of HIPAA compliance assessments. The difference between SOC 2 vs. HIPAA is that they are audits over two different…

Gone Phishin’: A fake account of real events – Understanding the Risk of Ransomware

by Sarah Harvey / June 14, 2023

Just an ordinary day in the IT Department

Molly walked into the IT department at the regional hospital where she’s worked for the last four years. Some mornings are more hectic than others. She could tell it was going to be “one of those days” as the help desk buzzed with activity – users locked out, systems down, Internet outages – but today, these conversations seemed a bit more…

PCI Readiness Series: Penetration Testing

by KirkpatrickPrice / December 19, 2022

Building a Comprehensive Penetration Testing Methodology

We often see clients struggling with the new requirements for penetration testing with regard to PCI compliance. The intent behind the new penetration testing methodology is to define the means and the methods by which a penetration test will be executed in your organization’s environment. Your organization’s penetration testing methodology should define the things that a penetration tester needs to do in order for…