The Coalfire Blog

Welcome to the Coalfire Blog, a resource covering the most important issues in IT security and compliance. You'll also find information on Coalfire's insights into the unique cybersecurity issues that impact the industries we serve, including Cloud Service Providers, RetailFinancial Services, Healthcare, Higher Education, Payments, Government, Restaurants, and Utilities.

The Coalfire blog is written by the company's leadership team and our highly-credentialed security assessment experts. We look forward to your comments, so please join the conversation.


  • A huge applause from the NIST-OCR-HIPAA 2015 conference

    September 09, 2015, Andrew Hicks, Managing Principal, Coalfire

    It looked like the 8th annual conference may have garnered record-breaking attendance as I noticed hotel staff rushing to add skirted tables and chairs to the back of the room to accommodate a standing-room-only crowd.  I guess that was to be expected given the star-studded line-up of presenters including HHS OCR Director Jocelyn Samuels, her brand new Deputy Director, Deven McGraw, and the OCR enforcer, Iliana Peters.  We also heard from government officials at the FTC, the ONC, NIST’s NCCoE, and the HHS Preparedness and Response office.  The audience responded to each session with a line of people trailing from the microphone set up for Q&A – and with excellent questions, too!

    Read more
  • Is penetration testing required for HIPAA compliance?

    June 22, 2015, Andrew Hicks, Managing Principal, Coalfire

    In this blog post we’re going to focus our discussion on the technical requirement part of this standard.  The evaluation is supposed to establish the extent to which a covered entity’s (or business associate’s) security policies and procedures meet the requirements of the HIPAA Security Rule.  A question is posed: how does an organization evaluate this requirement without performing specific technical testing?

    Read more
  • Final HITECH Act Stage 3 Meaningful Use Rules May Require Annual Risk Analysis plus a Risk Management Component

    June 03, 2015, Andrew Hicks, Managing Principal, Coalfire

    The comments are in and the HHS is scrambling to review them all before they issue the final Stage 3 Meaningful Use rules later this summer.  Comments from entities such as CHIME and HIMSS represent good news and bad news for healthcare providers, depending on how you look at it.  The HIPAA Security Rule has always required a risk analysis, but now there could be an annual requirement for risk analyses.

    Read more
  • Big news from the HITRUST 2015 conference: The HITRUST CSF is gaining momentum as the de facto framework amongst healthcare organizations

    May 29, 2015, Andrew Hicks, Managing Principal, Coalfire

    As the HITRUST 2015 conference in Grapevine, Texas ended, I was reminded of the numerous predictions that flagged 2015 the year of the [healthcare] breach.  And in just the first half of the year we’ve already witnessed three mega breaches that combined to compromise over 90 million patient records.  At the HITRUST conference attendees were greeted with a plethora of speakers ranging from payers and providers to service providers and certified practitioners, Coalfire included.

    Read more
  • Reporting LIVE from the HIMSS 2015 Cybersecurity Command Center

    April 30, 2015, Andrew Hicks, Managing Principal, Coalfire

    Well, it’s not exactly live anymore but it certainly was worth tweeting live from the brand new Cybersecurity Command Center (CCC) at HIMSS 2015 in Chicago a couple weeks ago given all the excitement.  The CCC was the place to be at HIMSS this year with standing room only at the educational sessions.  HIMSS staff members were busy adding rows of seating to the session area to fit all the attendees who were clamoring for valuable information delivered by numerous speakers from the FBI to the Secret Service to cyber risk subject matter experts.

    Read more
  • Displaying results 6-10 (of 27)
     |<  <  1 - 2 - 3 - 4 - 5 - 6  >  >| 

Recent Posts

Post Topics

Archives

Tags