TPRM – Need for Change and The Way Forward
Third Party Risk Management (TPRM) is a key component of information security (infosec) programs and it requires significant focus. This is borne out by breaches in the news as well as known …
Healthcare Interoperability and Information Security : It Is Not About Compliance
Rarely do we encounter regulations that also have the potential of spurring innovation and generating significant positive outcomes in health, wellness and indeed the larger economy. That is exactly the nature …
How can Infosec GRC Deliver Wins in Risk Management?
Information security (infosec) risk management can often seem overwhelming and hard. Organizations can spend considerable resources on infosec programs or solutions, yet they may have challenges in implementing commensurate and demonstrable …
CCPA and Security Safeguards or Requirements
The California Consumer Privacy Act of 2018 (CCPA) is shaping up to be the most significant consumer privacy law passed in the United States in recent memory. The Act, which becomes …
IGA – Where Disruption and Change Couldn’t Come Fast Enough!
Welcome to the introductory post in our “Meaningful Outcomes” series on Identity Governance and Administration (IGA). If you are here and reading this, you probably do not need an introduction …
Security Logging and Monitoring for EHRs
If you are like most medium or large healthcare providers these days, your Electronic Health Record (EHR) environment is likely a very complex one. Such complexity brings with it a …
Is your auditor or consultant anything like the OPM OIG?
The OPM breach has been deservedly in the news for over a month now. Much has been written and said about it across the mainstream media and the internet1. …
No, Security-Privacy Is Not A Hindrance To TeleHealth Adoption
Since I follow the teleheath space rather closely from a security/privacy perspective, I was drawn yesterday to this article titled “How Health Privacy Regulations Hinder Telehealth Adoption”. From my experience, …
This is how the Anthem breach could have been stopped, perhaps
It has been just over a week since the Anthem breach was made public. Over this period, the mainstream media and many of the bloggers and commentators, as usual, have …
Docs turn up the heat on ONC! – Security Commentary
HealthcareITNews reported yesterday on this letter that was written by several physician organizations to the ONC. I wanted to write a couple of quick thoughts on the security aspects raised …
