BLOG

Implementing Cybersecurity Measures: Lessons from the HHS OCR Settlement

The U.S. Department of Health and Human Services' Office for Civil Rights (OCR) recently settled with Montefiore Medical Center, a non-profit hospital system in New York City, for several potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. This incident underscores the importance of robust cybersecurity measures in healthcare organizations and provides valuable lessons for similar institutions.  Read More

SEC Adds Another Layer of Regulatory Requirements

In this article, we will discuss the SEC's adoption of new rules that require public companies to disclose material cybersecurity incidents and to provide annual disclosure of their cybersecurity risk management, strategy, and governance.  Read More

The Evolving Role of a Security Assessor

As the cybersecurity and regulatory landscapes continue to change and escalate, healthcare organizations find themselves juggling a myriad of priorities within their security strategy. They must ensure they have adequate assurance options while dealing with the increasing intertwining of cybersecurity with other functions such as procurement, compliance, and digital transformation.  Read More