The HIPAA Security Rule, as well as NIST and other standards, stipulate that a risk analysis and risk management process should be ongoing, and not a once and done process.
More than half (54%)* of all individuals affected by a healthcare information breach in the past twelve months were impacted by a breach that touched the affected organization’s server, according to data provided on the U.S. Department of Health and Human Services Office for Civil Rights Breach Portal: Notice to the Secretary of HHS Breach of Unsecured Protected Health Information. According to the data, ninety (90) healthcare breaches — affecting more than nine million individuals—were related to servers in some way.
Laptops quickly come to mind when security leaders think about potential vulnerabilities for their organization. They are highly portable, can be accessed remotely, and are at high risk for theft. CCI™ analyzed high and critical risks facing hospitals and health systems found in our database and summarized them based on Clearwater’s comprehensive method of evaluating administrative, technical, and physical vulnerabilities.
Clearwater delivers cyber risk management solutions to hundreds of healthcare delivery organizations and their partners. The enormous data set of cyber risk information stored in our IRM|Analysis™ database enables us to capture deep insights surrounding current cyber threats and identify trends that will help inform and prepare organizations to Manage Cyber Risk Right. Clearwater’s IRM|Analysis™ […]