Navigating the Ripples of Change: HIPAA's 2023-2024 Evolution and Preparation Strategies for Healthcare Organizations 

The HIPAA landscape is no stranger to change. A regulatory cornerstone for safeguarding health data, the Health Insurance Portability and Accountability Act (HIPAA), continuously evolves to meet the complex demands of the modern healthcare ecosystem. With updates looming on the horizon, healthcare organizations must ready themselves to adapt to these statutory amendments. What will these revisions entail, and crucially, how can healthcare entities prepare? Read More

Implementing Cybersecurity Measures: Lessons from the HHS OCR Settlement

The U.S. Department of Health and Human Services' Office for Civil Rights (OCR) recently settled with Montefiore Medical Center, a non-profit hospital system in New York City, for several potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. This incident underscores the importance of robust cybersecurity measures in healthcare organizations and provides valuable lessons for similar institutions.  Read More

SEC Adds Another Layer of Regulatory Requirements

In this article, we will discuss the SEC's adoption of new rules that require public companies to disclose material cybersecurity incidents and to provide annual disclosure of their cybersecurity risk management, strategy, and governance.  Read More

The Evolving Role of a Security Assessor

As the cybersecurity and regulatory landscapes continue to change and escalate, healthcare organizations find themselves juggling a myriad of priorities within their security strategy. They must ensure they have adequate assurance options while dealing with the increasing intertwining of cybersecurity with other functions such as procurement, compliance, and digital transformation.  Read More