Robust cybersecurity architecture begins with essentials like access control and user credential management. This is especially true for businesses in the healthcare industry, where unauthorized access via a weak or stolen password can compromise the security of protected health information (PHI). HITRUST password requirements simplify the measures required to keep all your stakeholders safe. Read on to learn more about what they entail.
Blog
-

What is a HITRUST Bridge Assessment?
Many companies sit at the intersection of multiple sectors. This can be a lucrative position, but it also requires surveying the specific cybersecurity risks across industries. To address the needs of these companies, HITRUST Alliance published the Common Security Framework (CSF). For companies struggling to meet compliance requirements after the COVID-19 pandemic, however, the HITRUST bridge assessment can be the difference between lapsing in protection and recovering fully.
-

Your Complete Cybersecurity Hygiene Checklist
Maintaining a regular hygiene routine is the key to living a healthy lifestyle. The same is true for achieving a strong security infrastructure. With a cybersecurity hygiene checklist, you can easily maintain a robust cybersecurity posture while promoting healthy information management practices. Cyber hygiene means maintaining a security-centric stance and routine that enables your organization to mitigate potential breaches.
-

How To Make A Personally Identifiable Information Policy
For years, individuals have trusted companies with their data. After many instances of data breaches reaching the mainstream news, the public’s negative perceptions of data misuse are increasing. Data producers have become more suspicious of how organizations are using their data. It has never been more critical for your organization to develop a personally identifiable information policy, and this article will show you how.
-

The GDPR Special Categories of Personal Data
What separates the General Data Protection Regulation (GDPR) from its predecessors is its ability to recognize how the data landscape has changed over the past two decades. One way the regulation has accomplished that is by combining privacy protection with modern-day data processing techniques. And it has done so primarily through its recognition of special categories of data. The GDPR special categories of data are a subset of personal data that regulators have deemed extra sensitive. This subset of personal data requires additional security measures that ensure the privacy of the data subject whose data is being processed.
-

What is a GDPR Data Subject Rights Request?
Finding yourself in the middle of a data subject access request (DSAR) and unprepared can be pretty jarring. Most businesses aren’t even GDPR compliant and will not know how to handle a DSAR.
-

How Many HITRUST Controls Are There?
One of the most robust and comprehensive cybersecurity frameworks developed in recent years is the Common Security Framework (CSF), a HITRUST Alliance publication. HITRUST pulls together loose ends from various industry-specific guidelines into one all-inclusive document. The CSF is not required for most businesses, but all companies stand to benefit from adopting its controls and achieving certification.
-

Top Hardware Penetration Testing Tools
Many companies believe they have adequate protection against malicious actors, but in reality, when you assess their network, they don’t. Hardware penetration testing is a powerful tool for patching hidden weak points in your system before a hacker can exploit them. Although companies realize that they can’t make all systems 100 percent secure, they’re incredibly interested to know what kind of security issues they’re dealing with.
-

Your Guide to HITECH Compliance Requirements
The US Department of Health and Human Services (HHS) presides over all healthcare and patient safety matters to “enhance the health and well-being of all Americans.” Extending this protection to patients’ health information, the Health Insurance Portability and Accountability Act of 1996 (HIPAA) set baseline requirements for how hospitals and doctors process data. In 2009, HITECH compliance requirements expanded these protections to meet evolving threats of cybercrime.
-

Is A DPIA Required For GDPR
There is a special feeling when launching a new project. It is exciting, a little nerve-racking, but always bursting with potential.
Your company might be going through a similar process and feeling the same way. But you might be unsure about the privacy implications. You might wonder, is a DPIA required under GDPR?
