Blog

Blog

Business Associate to Business Associate: A CISO’s Perspective on Applying Controls to Identified Risks

Business Associate to Business Associate: A CISO’s Perspective on Applying Controls to Identified Risks

April 21, 2021

Thoughtful selection, implementation, management, and monitoring of technical controls is required for ongoing risk management hygiene.

Read More
HR 7898: More Incentive for Healthcare Entities to Adopt Cybersecurity Best Practices

HR 7898: More Incentive for Healthcare Entities to Adopt Cybersecurity Best Practices

April 6, 2021

This new law requires the U.S. Department of Health and Human Services (HHS) to consider a healthcare entity’s adoption of cybersecurity best practices when determining the length and outcome of audits or the amount of fines or extent of penalties it will impose.

Read More
A Look at the Impact of the MD Anderson Court of Appeals Decision on OCR and Your Healthcare Entity

A Look at the Impact of the MD Anderson Court of Appeals Decision on OCR and Your Healthcare Entity

March 26, 2021

What we can learn from this to help better prepare your organization for potential interactions with OCR now and in the future?

Read More
Business Associate to Business Associate: A CISO’s Perspective

Business Associate to Business Associate: A CISO’s Perspective

March 17, 2021

In this blog and others that will follow in the series, it’s my goal to share insight on how we think about and approach the security of our solutions with other organizations that serve as Business Associates (BA) in the healthcare industry.

Read More
Understanding Insider Threats and How to Protect Your Organization

Understanding Insider Threats and How to Protect Your Organization

February 26, 2021

Insider threats across many industries are on the rise, and there’s no immunity for healthcare.

Read More
Key Things to Know About Proposed HIPAA Privacy Rule Changes

Key Things to Know About Proposed HIPAA Privacy Rule Changes

February 19, 2021

If the proposed changes become the final rule, the effective date will be 60 days from publication of the final rule.

Read More
How Enterprise Cyber Risk Management Can Facilitate Compliance Efficiency

How Enterprise Cyber Risk Management Can Facilitate Compliance Efficiency

February 2, 2021

HIPAA is not the only law that addresses data privacy and security within the healthcare industry.

Read More
EHRs and Ransomware: Protecting Your Crown Jewel

EHRs and Ransomware: Protecting Your Crown Jewel

January 15, 2021

Throughout this past fall, international criminal organizations asserted their dominance over the healthcare sector through ransomware.

Read More
Getting Proactive about the Ransomware Threat

Getting Proactive about the Ransomware Threat

January 11, 2021

Throughout this past fall, international criminal organizations asserted their dominance over the healthcare sector through ransomware.

Read More
Yesterday’s Cyber Risk is not Today’s Cyber Risk

Yesterday’s Cyber Risk is not Today’s Cyber Risk

January 5, 2021

Over the past 10 years, the healthcare industry’s understanding of cyber risk has evolved through four distinct phases, emphasizing four different aspects of cyber risk. Understanding these four different phases gives context for where healthcare cyber risk began and where it is now.

Read More

Thousands of professionals trust Clearwater to bring them the latest news and information on Compliance and Cybersecurity Risk Management.

Show Buttons
Hide Buttons