BLOG

One of the frequent topics of discussion with my SOC 2 clients is the possibility of integrating the Health Insurance Portability and Accountability Act, as amended, (HIPAA) standards with their existing SOC 2 control set. As either a covered entity or business associate, they are required to comply with the HIPAA regulations. Read More

At the advent of what seems to be the most significant technical leap since the introduction of the internet, organizations and individuals alike are struggling to reconcile the remarkable benefits of Artificial Intelligence (AI) with its capacity to make equally negative impacts. To guide general adoption and proper use, healthcare organizations and the industry at large have begun to leverage a prevailing discipline: Responsible AI. Read More

Artificial Intelligence (AI) systems, including natural language processing, machine learning applications, and continued emerging applications of AI, hold immense promise for the healthcare industry. However, the rapid evolution of these technologies introduces new risks, terminologies, and complexities. Trust in AI systems is paramount, ensuring they operate with the expected quality and integrity while meeting governance, ethical, and legal standards. In response to the evolving AI landscape, HITRUST introduces its AI Assurance Program, the first and only program with the ability to demonstrate compliance with AI assurance controls. Read More

Meditology has long been at the forefront of healthcare cybersecurity, aiding organizations in navigating the labyrinth of digital threats and compliance complexities. With our industry expertise, we bring a unique and authoritative perspective on the pivotal changes needed in the healthcare sector's approach to cybersecurity post the Change Healthcare incident. We believe the established norms of information security must evolve into a narrative of proactive incident response and cyber resilience. Read More

As healthcare organizations increasingly rely on digital systems for patient care, they become attractive targets for cyber threats. Recognizing this crucial need, the U.S. Department of Health and Human Services (HHS) released the Healthcare and Public Health (HPH) Sector-Specific Cybersecurity Performance Goals, also known as HPH CPGs, on December 6, 2023. Read More

As healthcare organizations increasingly rely on digital systems for patient care, they become attractive targets for cyber threats. Recognizing this crucial need, the U.S. Department of Health and Human Services (HHS) released the Healthcare and Public Health (HPH) Sector-Specific Cybersecurity Performance Goals, also known as HPH CPGs, on December 6, 2023. Read More

The HIPAA landscape is no stranger to change. A regulatory cornerstone for safeguarding health data, the Health Insurance Portability and Accountability Act (HIPAA), continuously evolves to meet the complex demands of the modern healthcare ecosystem. With updates looming on the horizon, healthcare organizations must ready themselves to adapt to these statutory amendments. What will these revisions entail, and crucially, how can healthcare entities prepare? Read More

As the cybersecurity expert at your organization, the number of acronyms that daily cross your radar can be overwhelming. How do you cut through the acronyms, the conflicting regulatory requirements, and the differing opinions on which industry standard best meets the needs of your organization?  Read More