HIPAA and Internal Security Controls

Jul 6, 2023 Continuum GRC 0 Comment

In June 2023, the US. The Department of Health and Human Services (HHS) reached an agreement with Yakima Valley Memorial Hospital over a significant breach of privacy and security rules. Specifically, HHS found that several security guards had inappropriately accessed the private records of up to 419 patients.

This settlement demonstrated administrative and internal security is essential to Covered Entities and Business Associates. We will discuss these controls and what they mean for HIPAA-regulated organizations.

What Are the Biggest Challenges to Cybersecurity in 2023?

Jun 21, 2023 Continuum GRC 0 Comment

As we navigate through 2023, the digital frontier continues to expand, bringing forth numerous novel opportunities and, regrettably, a myriad of cybersecurity threats. These cyber threats are not simply an IT concern; they have profound implications for business continuity, customer trust, and national security.

Understanding these risks and their evolution is the first step in mounting an effective defense. This article will explore the most significant cybersecurity threats organizations face in 2023, providing insights into their nature, their potential impacts, and the steps you can take to safeguard against them.

What Are Risk Assessment Methodologies?

May 25, 2023 Continuum GRC 0 Comment

With the ever-increasing complexities of the IT and business environments, risk management has become crucially important for cybersecurity. Accordingly, risk management methodologies provide the blueprint for this anticipatory and strategic approach. They guide businesses in identifying potential threats, assessing their impact, devising effective responses, and monitoring progress.

This article will introduce some basics of risk management methodologies and how they fit with different risk-based security frameworks.