Using HITRUST for Industries Beyond Healthcare

Organizations around the world, especially ones in the HITRUST XChange program, are moving to quickly implement the HITRUST Common Security Framework (CSF) for their organization. With the recent HITRUST CSF v9.2 update, organizations across all industries – not just healthcare – can benefit greatly from the HITRUST framework.

Continue reading “Using HITRUST for Industries Beyond Healthcare”

Future of Healthcare: The Transforming Healthcare Industry [Free Download]

The healthcare environment is extremely dynamic, forcing organizations to find the right solution to match the rising challenges. Many of these solutions introduce new and emerging technologies, leaving healthcare organizations with increased vulnerabilities. Healthcare organizations of every size and type can be breached, so exploring every security solution is critical. In 2016, major cyber-attacks on healthcare increased by 63%, resulting in 93 major cyber-attacks including:

  • Banner Health – 3.6 million records
  • Newkirk Products – 3.4 million records
  • 21st Century Oncology – 2.2 million records

As we move closer to year-end, many organizations begin strategic planning for 2018. Security and privacy statistics within healthcare underline new trends including emerging threats and evolving regulations. Considering these potential industry challenges, which are anticipated to grow in size and severity, A-LIGN has released Future of Healthcare: The Transforming Healthcare Industry.

This whitepaper can be used as a guide to educate your organization and its employees to begin appropriately preparing for 2018 security and compliance initiatives by providing valuable insights, regarding the industry, regulations, and the security measures your organization can enact to prevent and protect against a potential cyber-attack. A-LIGN’s experienced assessors have more than 20 years of experience in the data protection and security industry, and intimately understand the environment from both the client and assessor perspective.

“As we monitor and analyze the current healthcare landscape, it’s apparent that many organizations are becoming vulnerable to new and emerging risks. Therefore, we seek to empower our clients through education and security audits, to prevent them from becoming a victim of a cyberattack and enhancing their information security,” said Steve Simmons, HITRUST Assessor Council Board Member and Director of Compliance at A-LIGN.

The Future of Healthcare: The Transforming Healthcare Industry whitepaper provides your organization:

  • An overview of the security and privacy landscape within healthcare including trends, statistics, and potential risks
  • A review of the evolving healthcare regulations, specifically HITRUST, it’s recent revisions and the 2017 roadmap
  • A description of compliance and audit solutions configured for both the healthcare industry and HITRUST regulation

To tackle information security challenges, organizations must begin to take the first step to protecting their data. Click here to download A-LIGN’s whitepaper, Future of Healthcare: The Transforming Healthcare Industry.

Impact of the HITECH Act on HIPAA Compliance

The Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) introduced Privacy and Security regulations to protect protected health information (“PHI”). HIPAA was primarily directed at healthcare providers, health care clearinghouses or health plans (such as an insurance company), which are referred to as covered entities (“CE”). As part of the American Recovery and Reinvestment Act of 2009 the Health Information Technology for Economic and Clinical Health Act (“HITECH”) expanded the reach and penalties related to HIPAA compliance. Two of the key areas where HITECH impacts companies’ HIPAA compliance relate to the requirements of Business Associate (“BA”) and the requirement for federal breach reporting requirements for HIPAA CE’s and BA’s. Continue reading “Impact of the HITECH Act on HIPAA Compliance”

Impact of the HITECH Act on HIPAA Compliance

The Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) introduced Privacy and Security regulations to protect protected health information (“PHI”). HIPAA was primarily directed at healthcare providers, health care clearinghouses or health plans (such as an insurance company), which are referred to as covered entities (“CE”). As part of the American Recovery and Reinvestment Act of 2009 the Health Information Technology for Economic and Clinical Health Act (“HITECH”) expanded the reach and penalties related to HIPAA compliance. Two of the key areas where HITECH impacts companies’ HIPAA compliance relate to the requirements of Business Associate (“BA”) and the requirement for federal breach reporting requirements for HIPAA CE’s and BA’s. Continue reading “Impact of the HITECH Act on HIPAA Compliance”