Securing protected health information (PHI) is one of the paramount cybersecurity concerns of many organizations, both inside and outside the healthcare industry. This information, if released to unauthorized parties, could lead to significant personal harm to patients that organizations must avoid at all costs. 

The Healthcare Insurance Portability and Accessibility Act (HIPAA) governs the protection of PHI, and in doing so, provides the framework by which healthcare organizations must act toward that mission. However, HIPAA isn’t the only source of truth for securing PHI. For additional guidance, compliance and security officers and technical managers will look to another document, NIST 800-66. 

Read More

The Healthcare Insurance Portability and Accountability Act (HIPAA) is one of the more complex regulations in the U.S., due in no small part to the complicated and open-ended nature of the law. 

What should companies do? In this case, covered organizations are turning to risk-based assessments to help them support their security approaches. 

Here, we will discuss how risk plays a role in the rule of HIPAA law. 

Read More

We often take digital identity for granted… We create accounts all over the Internet for various services, but rarely think about the information that sits in a server for every company we interact with. Furthermore, we rarely think about the potential for fraud related to those identities and how that potential threat impacts finance or military defense businesses. That’s why, when it comes to crucial industries, digital identity verification is necessary.

Read More