Gone Phishin’: A fake account of real events – Understanding the Risk of Ransomware

by Sarah Harvey / June 14, 2023

Just an ordinary day in the IT Department Molly walked in to the IT department at the regional hospital where she’s worked for the last four years. Some mornings are more hectic than others. She could tell it was going to be “one of those days” as the help desk buzzed with activity – users locked out, systems down, Internet outages – but today, these conversations seemed a bit more…

Risky Business: Thoughts on ISO 27001 and Risk Management

by Joseph Kirkpatrick / December 19, 2022

Welcome to the inaugural Risky Business blog! The goal here is to provide education about the ISO 27001 standard and provide useful advice on how this framework can be used to solve many of your compliance and information security problems. I have been using ISO 27001 for over a decade as the foundation for information security programs that I’ve developed and directed, both for myself and for my clients, and…

Preparing for Phase 2 HIPAA Audit Compliance

by Sarah Harvey / June 13, 2023

The OCR has just announced that the Phase 2 HIPAA Audits have officially begun. The OCR is currently gathering information to determine which covered entities and business associates will be included in the auditee pool. If you haven’t already prepared for Phase 2 HIPAA Compliance, knowing where to begin may seem a bit overwhelming. Understanding the background of the OCR’s supervision of HIPAA Compliance is a good place to start…

Road to HIPAA Compliance: Risk Analysis and Risk Management

by KirkpatrickPrice / April 12, 2023

Risk Management for HIPAA Compliance Continuing down the Road to HIPAA Compliance, we will discuss what a risk assessment is, what that looks like according to HIPAA requirements, and how to analyze and manage risk.  What is a Risk Assessment? Why should you care about risk assessments? You must protect your assets, and to do that, we believe you need a formalized risk assessment. A risk assessment is a systematic process…

Third-Party Payment Processors: Risk and Regulation

by KirkpatrickPrice / April 12, 2023

Are you looking to learn about compliance risk and the importance of having effective compliance management systems? Are you unsure about what regulations apply to payment processing and need to review the regulatory landscape? Are you looking to learn about enforcement actions brought against banks and payment processors and what it could mean for you and your organization? This webinar educates listeners with an overview of third-party payment processors (TPPP),…