Modern security and risk frameworks often focus on a limited set of concerns–security controls, external threats, insider threats, upgrading or updating systems, etc. But, as the relationships between security, business continuity, and system reliability become more complex in our data-saturated environment, organizations must have equally robust system support in place to ensure that information remains secure and available at all times. 

ISO 22301, “Security and resilience–Business continuity management systems–Requirements,” the International Organization for Standardization (ISO) defines a broad set of standards that organizations can implement to focus on business continuity and resilience. 

Read More

If you’re plugged into the world of cybersecurity, then you’ve most likely come across breathless reports of new “zero-day” vulnerabilities hitting the wild. And, on the surface, these sound terrible… but do you understand what that means?

A zero-day exploit is a significant, but not world-ending, security flaw affecting systems without anyone having noticed them yet. Rather than a cause for worry, these issues call us to remain ever-vigilant against potential security issues and our responses to them. 

Read More

Protecting patient information is a crucial and necessary part of healthcare… but so is communicating effectively with patients. Considering that email continues to be the most common form of electronic communication, it stands to reason that providers meet patients where they are. 

However, HIPAA regulations have rather strict requirements for protecting PHI, and plain email just doesn’t cut it. Here, we’ll discuss how to effectively use email to engage with patients without breaking compliance.

Read More