Enforcement Trends: Lessons from the HIPAA Privacy Rule

by Sarah Harvey / December 20, 2022

Enforcement of the HIPAA Privacy Rule The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) enforces the HIPAA Privacy Rule. Enforcement trends are the most direct way that the OCR can tell us what or where they’re looking at. In the most recent enforcement results, the OCR reports that it has received over 171,161 complaints since the HIPAA Privacy Rule took effect in 2003. These complaints…

How Does the HIPAA Privacy Rule Affect Your Practice?

by Sarah Harvey / December 15, 2022

Many business associates and covered entities are already overwhelmed with responsibilities, so it can be a struggle to find the staff and resources to dedicate to managing strict regulatory demands. In our highly data-driven world, ensuring the privacy of customer data, specifically protected health information (PHI) and patient data, is becoming a top priority of organizations worldwide. In the world of healthcare, the HIPAA Privacy Rule exists to aid business…

Top Cybersecurity Trends for 2018

by Sarah Harvey / June 14, 2023

It’s the beginning of a new year, and everyone wants to know what cybersecurity trends to look out for in 2018. 2017 left a lot of destruction in its wake from cybersecurity attacks and high-profile breaches. And while we can’t 100% say what is to come, we’ve compiled a few cybersecurity predictions based on what we do know. Here are five of the top cybersecurity trends for 2018: Five Cybersecurity…

PCI Requirement 9.1.2 – Implement Physical and/or Logical Controls to Restrict Access to Publicly Accessible Network Jacks

by Randy Bartels / May 31, 2023

Controls for Publicly Accessible Network Jacks To ensure that visitors cannot exploit network jacks, PCI Requirement 9.1.2 requires that organizations implement physical controls and/or implement logical controls that restrict access to publicly accessible network jacks. The PCI DSS also explains, “Restricting access to network jacks will prevent malicious individuals from plugging into readily available network jacks and gain access into internal network resources. Whether logical or physical controls, or a…

PCI Requirement 9.1 – Use Appropriate Facility Entry Controls to Limit and Monitor Physical Access to CDE

by Randy Bartels / May 31, 2023

Limit and Monitor Physical Access Applying the appropriate physical security and facility entry controls are vital to complying with PCI Requirement 9.1, which states, “Use appropriate facility entry controls to limit and monitor physical access to systems in the cardholder data environment.” Wherever your cardholder data lives, it must be protected. Complying with PCI Requirement 9.1 comes in two parts: limit and monitor. Your organization must limit physical access to…