Avoid oversights in HIPAA risk management
Rich Curtiss, Director, Healthcare Cyber Risk Services, Coalfire
Since HIPAA regulations first came about in 1996, organizations have looked for ways to analyze and manage risk within this complex framework. Although guided by the HIPAA Security Rule as well as additional guidance from the U.S. Department of Health and Human Services (HHS) and Office for Civil Rights (OCR), healthcare entities and business associates still struggle with the cybersecurity risk analysis component.
Coalfire ramps up for StateRAMP — What you need to know…
Jason Oksenhendler, Director, FedRAMP Advisory Services, Coalfire
There has been a lot of buzz during the past year or so about StateRAMP (SR). SR was an idea born out of helping state and local governments efficiently and effectively verify cybersecurity and manage third-party risk. SR is a 501(c)(6) non-profit, membership-based organization based in Indiana. After April 1st, cloud service provider (vendor) memberships and assessments will begin. Here is an FAQ we put together on StateRAMP.
Waking up to the new realities of privacy risk and the need for focused expertise
David Forman, VP, Privacy and International Assurance, Coalfire
Last month, Coalfire announced that our certification body was awarded yet another of many “firsts.” In this scenario, Coalfire was the first to expand its registration to a second accreditation body as part of its certification services related to ISO 27701, a framework that governs the activities of privacy information management.