Category Archives: HIPAA Compliance
What are You Risking with Non-Compliance?
One of the many challenges you probably face as a business owner is dealing with the vague requirements present in HIPAA and PCI-DSS legislation. Due to the unclear regulatory messaging, “assuming” rather than “knowing” can land your organization in hot water with regulators. Are you taking a risk? Do you know if you are non-compliant? The Health and Human Services (HHS) Office for Civil Rights receives over 1,000 complaints and notifications of HIPAA violations every year.[1] When it comes to PCI-DSS, close to 70% of businesses are non-compliant.[2] While you
A ‘Compliance First’ Mindset Limits Liabilities
By adopting a Compliance First strategy, you will identify vendors and solutions that do not comply with your requirements. Then, you can eliminate them from your selection process, and select from the rest. It also means evaluating your current solutions and vendors and replacing those that cannot support your compliance requirements. In simple terms, compliance is anything someone else makes you do. This means laws, regulations, contracts, and even the terms of a cyber insurance policy. Failure to act responsibly can have devastating results. Your business could endure hefty penalties,
How is your Cybersecurity Health?
Ideally, we have a health physical once a year. We assess what we are doing right, what we are doing wrong, and make modifications to our overall wellness plan as needed. Hopefully, nothing is wrong, and we can proceed with the usual cautions and goals of maintaining a long and productive life. The same could be said for our cyber health. How’s your Healthcare Cybersecurity Program? Did you make adjustments to meet the challenges? This year, we not only had an unexpected curveball thrown at our businesses and networks, but we weren’t