Follow us on

BLOG

HITRUST Releases Version 9.5 | Implications for Healthcare Organizations

One of the many, many things we’ve learned over the last year or more of living and working through a pandemic, is that cybersecurity needs to evolve with the changing threat landscape. Likewise, the regulatory landscape and the security related frameworks we rely upon must attempt to keep pace. HITRUST is no exception as they seek to constantly evolve and update the HITRUST CSF, certifications, and processes. Read More

Published On September 15, 2021

White House and FDA Launch New Medical Device Security Plan

The FDA has announced a plan to improve cybersecurity practices for medical devices in response to the White House’s effort to bolster cybersecurity across the supply chain. Kevin Fu, acting director of medical device cybersecurity at the FDA’s Center for Devices and Radiological Health, has warned of cyber-attacks not just affecting technology that stores and processes data, but also affecting technology directly responsible for patient health. Read More

Published On August 3, 2021

The Impact of New PCI DSS v4.0 Requirements for Healthcare

The PCI Security Standards Council has announced detailed timelines for the release of the much-anticipated PCI DSS version 4.0. Due to the scale and extent of the changes, the council is now targeting Q2 2022 for formal publication of the new framework. This blog post provides additional details about the timing of version 4.0 and its implications for healthcare entities. Read More

Published On July 19, 2021

Healthcare CISOs Sound Off, Volume 3: HIPAA Compliance and Risk Management

The CyberPHIx is an audio podcast series that presents expert viewpoints on data security strategies for organizations handling patient health or personal information in the delivery of health-related services. Volume 3 of our "Healthcare CISOs Sound Off" blog series will address HIPAA compliance as part of a larger risk management program. This blog compiles quotes and recordings from some of the industry’s best and brightest leaders related to this important area of focus for healthcare risk management programs. Read More

Published On June 21, 2021

Healthcare CISOs Sound Off, Volume 2: Risk Reporting & Engaging with the Business

The CyberPHIx podcast is a quick source for keeping up with the latest cybersecurity news, trends and industry leading practices, specifically for the healthcare industry. For those who don’t quite have the time to binge-listen through the entire catalog, we have compiled some highlights from our guests on a focused set of topics. We will be releasing these as our "Healthcare CISOs Sound Off" blog series in several installments. The topic of our second blog is risk reporting and engaging with the business. Read More

Published On June 16, 2021

Healthcare CISOs Sound Off, Volume 1: Medical Device Security

I have been hosting The CyberPHIx for over three years now. During that time, I have had the honor and privilege to speak with some of the healthcare industry’s most innovative thought leaders and experts in cybersecurity, privacy, compliance, and risk. For those who don’t quite have the time to binge-listen through the entire catalog, we have compiled some highlights from our guests on a focused set of topics. We will be releasing these as our "Healthcare CISOs Sound Off" blog series in several installments. The topic for our first blog is Medical Device Security. Read More

Published On June 9, 2021

New HITRUST Reservation System for Scheduling Quality Assurance of Validated Assessments

On April 15th 2021, HITRUST® announced a new reservation system for scheduling quality assurance for validated assessments. For all validated assessments submitted on or before June 30th 2021, HITRUST will continue to process on a first come, first served basis. Any assessments that will be submitted on or after July 1st 2021, will require Assessed Entities to schedule the start of quality assurance (QA) procedures within the HITRUST MyCSF® platform. Read More

Published On May 3, 2021

How Hackers Hold Hospitals, and Your Health, for Ransom | WebMD

Article by Paul Frysh, WebMD | Brian Selfridge knew his time was up. From his perch in a locked conference room with the blinds half closed, he could see two members of the hospital IT team rounding the corner with what looked like a clear sense of purpose. He suppressed a smile as he watched the pair running circles around each other. One of them -- brow furrowed, eyes buried in an open laptop -- walked right past his room, saying, "He's right here! He's got to be!" Read More

Published On April 26, 2021

Featured Blog Posts

The Future of HIPAA Regulations

Read

Cloud Security Risk Assessments Instrumental in Transforming Healthcare Organizations’ Cloud Security Posture

Read

Strengthening Medical Device Resiliency and Supply Chain Risk Preparedness in Clinical Settings

Read

How to Build a Resilient Third-Party Risk Management Program

Read
Keep Up
With Meditology
Be the first to receive exclusive IT risk management updates.