Gone Phishin’: A fake account of real events – Understanding the Risk of Ransomware

by Sarah Harvey / June 14, 2023

Just an ordinary day in the IT Department Molly walked in to the IT department at the regional hospital where she’s worked for the last four years. Some mornings are more hectic than others. She could tell it was going to be “one of those days” as the help desk buzzed with activity – users locked out, systems down, Internet outages – but today, these conversations seemed a bit more…

PCI Readiness Series: Penetration Testing

by KirkpatrickPrice / December 19, 2022

Building a Comprehensive Penetration Testing Methodology We often see clients struggling with the new requirements for penetration testing with regard to PCI compliance. The intent behind the new penetration testing methodology is to define the means and the methods by which a penetration test will be executed in your organization’s environment. Your organization’s penetration testing methodology should define the things that a penetration tester needs to do in order for…

Road to HIPAA Compliance: Policies and Procedures

by KirkpatrickPrice / December 19, 2022

How Policies and Procedures Can Help You Ace an OCR Audit This webinar gives insight into the purpose and the concepts of effective policies and procedures and what the Office for Civil Rights (OCR) is looking at when evaluating policies and procedures. Updated, well-documented and implemented policies and procedures are the basics of any regulatory compliance program. Outdated policies and procedures are the most common gap that we see when…

PCI Readiness Series: PCI Requirement 8

by KirkpatrickPrice / December 19, 2022

This session in our PCI Readiness Series dives into PCI Requirement 8, specifically about identifying and authenticating access to system components. In this webinar, we will cover strong, secure passwords in transmission and storage, disabling accounts for terminated employees and unused accounts, changing default passwords, and disabling generic accounts with shared usernames and passwords.  PCI Requirement 8 establishes non-refutability and authentication security, covers all systems and applications, and has…

Road to HIPAA Compliance: Breach Notification

by KirkpatrickPrice / December 19, 2022

What is the Breach Notification Rule? In this session, we discuss the Breach Notification Rule, define what a data breach is, discuss how long you have to report a breach, who to tell, and what to tell them. We also discuss strategies for reducing the risk of a data breach.  Data Breach FAQs What is a breach? A breach is the acquisition, access, use, or disclosure of unsecured protected…