BLOG

Enhancing Cybersecurity in Healthcare: An Overview of the HPH CPGs 

As healthcare organizations increasingly rely on digital systems for patient care, they become attractive targets for cyber threats. Recognizing this crucial need, the U.S. Department of Health and Human Services (HHS) released the Healthcare and Public Health (HPH) Sector-Specific Cybersecurity Performance Goals, also known as HPH CPGs, on December 6, 2023. Read More

Navigating the Ripples of Change: HIPAA's 2023-2024 Evolution and Preparation Strategies for Healthcare Organizations 

The HIPAA landscape is no stranger to change. A regulatory cornerstone for safeguarding health data, the Health Insurance Portability and Accountability Act (HIPAA), continuously evolves to meet the complex demands of the modern healthcare ecosystem. With updates looming on the horizon, healthcare organizations must ready themselves to adapt to these statutory amendments. What will these revisions entail, and crucially, how can healthcare entities prepare? Read More

Implementing Cybersecurity Measures: Lessons from the HHS OCR Settlement

The U.S. Department of Health and Human Services' Office for Civil Rights (OCR) recently settled with Montefiore Medical Center, a non-profit hospital system in New York City, for several potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. This incident underscores the importance of robust cybersecurity measures in healthcare organizations and provides valuable lessons for similar institutions.  Read More

SEC Adds Another Layer of Regulatory Requirements

In this article, we will discuss the SEC's adoption of new rules that require public companies to disclose material cybersecurity incidents and to provide annual disclosure of their cybersecurity risk management, strategy, and governance.  Read More