Horror Stories: Facebook Fallout

by Sarah Harvey / June 14, 2023

In late September, Facebook gave a new security update, outlining a breach that has impacted 50 million users – Facebook’s largest breach ever. The social network has been under intense scrutiny this year after the Cambridge Analytica scandal and has been redirecting their security team since the departure of their chief security officer, Alex Stamos. With the midterm elections coming up, this massive breach couldn’t have come at a worse…

GDPR Readiness: Conditional Requirements

by Sarah Harvey / December 16, 2022

Because of the complexity and ambiguity of GDPR, it’s difficult for organizations to determine which requirements are absolute and which are conditional. These requirements can have a significant impact on budget, leadership, policies, and the project plan for compliance. In this webinar, KirkpatrickPrice’s Director of Regulatory Compliance, Mark Hinely, leads a discussion on mandatory versus conditional requirements, provides in-depth examples of conditional requirements, and explains the implications of treating conditional…

Preparing for a HITRUST CSF Assessment

by Sarah Harvey / February 9, 2023

How to Prepare for a HITRUST CSF Assessment If you’re managing healthcare data, it’s critical from a business and reputational standpoint to protect yourself from risk and maintain a strong relationship with your clients who are also trying to mitigate their risks. HITRUST certification is a great way to ensure this is happening. The HITRUST Common Security Framework, or CSF, is a certifiable framework that provides organizations with a comprehensive,…

Horror Stories: Million Dollar Malware Losses

by Sarah Harvey / June 14, 2023

What would it feel like to show up to work and discover your organization has been hit by a malware attack? Servers, phones, email, backups – they’re all down. You must put business continuity training into action, contact your clients, contact your vendors, control the news cycle, and calm the nerves of your team. Becoming a victim of a malware attack is most executives’ cybersecurity nightmare, and one that became…

Using the HITRUST CSF Maturity Model

by Sarah Harvey / December 16, 2022

Organizations are often overwhelmed by the technical terminology and the number of requirements in the HITRUST CSF. However, while the HITRUST CSF may be daunting at first glance, the HITRUST CSF is not like any other framework. Achieving HITRUST CSF certification goes beyond showing whether or not you’re doing something, but instead it shows how well you’re doing it. In order to do this,  organizations are scored on how well…