Checkout the latest regulatory compliance updates and tips from ComplyAssistant.
On top of our updates and tips we often publish free tools and webinars to help the compliance community.
Businesses must have frameworks and benchmarks to align their work with. This is especially true when it comes to digital security. There are two important guidelines toward this aim: the NIST (National Institute of Standards and Technology) cybersecurity framework (CSF) and the ISO (International Organization for Standardization) CSF. But what are these two frameworks, and […]
If you’re covered by HIPAA, then you’re required to have certain policies and procedures for HIPAA compliance. However, that’s easier said than done. You’re probably wondering how often HIPAA training is required. In this post, we’ll discuss HIPAA training requirements so that you can stay in full compliance with essential regulations. Read More: HIPAA Compliance […]
Working with third party vendors to provide services is nothing new. Yet a focus on vendor risk management has recently emerged. This is partially due to compliance, cybersecurity, and productivity. But in this post, we’ll answer the question, “Why is vendor risk management important?” And we’ll share some powerful ways to manage your third-party risk, […]
Why are so many healthcare organizations implementing a robust cybersecurity framework today? Perhaps it’s due to the fact that such attacks can erase patient and partner trust in your organization. Of course, the larger issue looming is that these breaches can put patient safety at risk. So in an era in which cyber attacks are […]
Building an information security program comes with several challenges. Complying with industry regulations and rules is one of them. However, when you have cybersecurity categories, they help you inform your strategy for compliance. You can minimize risk and ultimately provide better outcomes for you and your patients. So in this article, let’s talk about some […]
Technology is making a large impact for healthcare in today’s day and age. But how has technology affected healthcare compliance? While technology can help you maintain organizational KPIs, it also has unique challenges that you might face. So in this article, let’s talk about five ways that technology is impacting healthcare compliance. How Technology Has […]
In the healthcare industry, HITRUST and HIPAA are often used together when speaking about regulations and compliance. Both of these concepts are incredibly important for any healthcare firm. However, they have some unique characteristics that you should know about. And truly, what is the difference between HIPAA and HITRUST? Well, hiring a HIPAA consultant is […]
ComplyAssistant’s Gerry Blass comments on the biggest threats to healthcare organizations that we should be concerned about in Healthcare IT Today’s “The Ever Evolving World of Cybersecurity Threats” article. In January 2021, HHS’s Health Industry Cybersecurity Practices (HICP) rule was signed into law. It is an extension of the HIPAA/ HITECH Security Rule and identifies […]
ComplyAssistant’s Gerry Blass comments on managing vendor relationships with due diligence and the importance of cybersecurity breach response plans in Digital Health Insight’s “5 Tips for Preventing Healthcare System Cyberattacks” article from January 11, 2023. Manage vendor relationships with due diligence: “Outsourcing is pivotal to a growing organization, but it’s important to vet the organizations […]
The evolution of the risk of successful cyberattacks has been evident since 2010—when the Affordable Care Act was signed and resulted in a transition from paper to electronic medical records. Healthcare organizations began implementing new electronic medical record applications to comply with meaningful use (MU) requirements. Over the years, MU has introduced new criteria with a heavy focus on interoperability among applications. The combination of MU efforts, merger and acquisition activity, and the pandemic-induced remote workforce have increased healthcare organizations’ risk profiles, remaining a prime target for cyberattackers to do what they do best.