Talk to a Security Expert Now: (800) 721-9177

Resources & Downloads

Independent security research, articles, whitepapers, and guides from the leaders in cyber security and penetration testing.

Redspin’s Breach Report 2015

This is Redspin’s 6th annual Breach Report: Protected Health Information (PHI). At the conclusion of each year, we analyze the complete statistical data set of large breaches that have been reported to HHS. In the report, we assess the overall effectiveness of the current policies and controls designed to safeguard PHI. In the current year, we identify significant trends and draw attention to the specific areas most in need of improvement. We then offer Redspin’s recommendations for preventive measures and corrective actions to address any critical gaps or weaknesses. Our goal is to help the healthcare industry continually improve its ability to protect patient information. As always, we hope this year’s report makes an important contribution.

DOWNLOAD THE BREACH REPORT

UPDATE VIEW

Security Reports & Guides Download

  • Healthcare, Security Report

    BREACH REPORT 2015: Protected Health Information (PHI)

    The HITECH Act mandates that large breaches of protected health information (PHI) totaling 500 records or more must be reported on a timely basis to the Office of Civil Rights (OCR) under the

  • Redspin IT Security Report

    Templates

    Does Your Company Have a Mobile Security Policy?

    An emerging risk is the increased use of portable devices in the enterprise. How are you allowing mobile device secure access your sensitive information resources? Use our 'Redspin Sample Mobile

  • Redspin IT Security Report

    Checklists, Healthcare, HIPAA

    Are Your Healthcare Business Associates Compliant with the HIPAA Security Rule?

    Under the HITECH Act Section 13401(a), Business Associates need to comply with the administrative, physical and technical requirements of the HIPAA Security

  • Frameworks

    Security Program Development Methodology

    The objective of this methodology is to support organizations with the ability to implement a prescriptive model for building a healthcare security program. Much of this approach is derived from our

  • Security Report

    Best Practices in Healthcare Risk Management

    More and more hospitals and healthcare providers are struggling to fully understand the security risks present in their environment. That’s not surprising given the challenges they face:

  • Frameworks

    Business Associate Management Framework

    The management of business associates (ba) is a critical activity for any healthcare organization. This methodology presents the elements that an organization must have to successfully manage all

  • Security Report

    2015 Cloud Security Spotlight Report

    Cloud computing has become a part of nearly every CIO’s strategy. Yet IT security remains the biggest perceived barrier to further cloud initiatives. To help our clients better understand the risks

  • Security Report

    BREACH REPORT 2014: Protected Health Information (PHI)

    As of December 31, 2014, a total of 1,170 large breaches of PHI affecting 40.8 million patients had been reported since HITECH went into effect in 2009. Last year alone, nearly 9 million heath

  • Frameworks

    Mapping Application Security To Business Value

    This white paper outlines considerations and recommendations for reducing business risk by ensuring that your web applications are secure. Our goal is to present information that will be helpful not

  • Security Report

    BEFORE THE BREACH: Why Penetration Testing is Critical to Healthcare IT Security

    Healthcare IT has dramatically changed over the past few years. With rapid change comes increased IT security risks, yet healthcare spending on IT security is roughly one-fifth of that of comparable

  • Security Report

    What Healthcare CEO's Need to Know about IT Security Risk

    Today’s healthcare CEOs are presiding over the most dynamic period in the history of the industry. At the epicenter of this transformative change is the migration to electronic health records (EHR)

  • Security Report

    BREACH REPORT 2013: Protected Health Information (PHI)

    A total of 804 large breaches of protected health information (PHI) affecting over 29.2 million patient records have been reported to the Secretary of Health and Human Services (HHS) since the August

  • Security Report

    BREACH REPORT 2012: Protected Health Information (PHI)

    A total of 538 large breaches of protected health information (PHI) affecting over 21.4 million patient records have been reported to the Secretary of Health and Human Services (HHS) since the August

  • Healthcare, HIPAA

    The Facts About HIPAA, HITECH, and the Omnibus Rule — What You Need to Know

    The healthcare industry is rapidly moving towards increasing use of electronic health records (EHR) and other information systems to provide health information to doctors and patients, pay claims,

  • Security Report

    BREACH REPORT 2011: Protected Health Information (PHI)

    Breaches of protected health information (PHI) have reached epidemic proportions. While the Federal government regularly reports on the total number of breaches (385) and individuals affected (19

  • Advisories

    Penetration Testing – What You Need to Know

    So you think you need to do penetration testing? Before you embark on testing, it's important to understand exactly how penetration testing fits into your information security

  • Checklists, Healthcare

    8 Questions to Ask Your Security Auditor

    At Redspin, we believe that every organization responsible for maintaining the privacy and security of sensitive data should invest in an independent review of their IT security. How should you

  • Security Report

    BREACH REPORT 2010: Protected Health Information (PHI)

    A total of 225 breaches of protected health information affecting 6,067,751 individuals have been recorded since the interim final breach notification regulation was issued in August

  • Healthcare, HIPAA

    Ensuring Security, Privacy, and Compliance While creating Value with Healthcare IT

    A step by step approach to meeting security, privacy, and compliance goals through a focus on value creation. Spiraling costs and a lack of global competitiveness are often cited as major problems