skip to Main Content
Talk to a Security Expert Now: (800) 721-9177

BREACH REPORT 2016: Protected Health Information

With special pride, CynergisTek releases Redspin's 7th annual Breach Report: Protected Health Information (PHI). Our experts assess the overall effectiveness of the current policies and controls intended to safeguard PHI. We identify significant new trends and highlight areas where improvements are most needed. Most importantly, we offer useful and practical recommendations based on real-world experience. Our goal is to help the healthcare industry continually improve its ability to protect patient information. We hope this year’s report makes an important contribution.
Read more

BREACH REPORT 2015: Protected Health Information

The HITECH Act mandates that large breaches of protected health information (PHI) totaling 500 records or more must be reported on a timely basis to the Office of Civil Rights (OCR) under the Department of Health and Human Services (HHS). This breach notification requirement was implemented in two interim rules and then finalized in the HIPAA Omnibus Rule. As of December 31, 2015, a total of 1,437 large breaches of PHI affecting 154,368,781 patients had been reported since HITECH went into effect in 2009.
Read more

Does Your Company Have a Mobile Security Policy?

An emerging risk is the increased use of portable devices in the enterprise. How are you allowing mobile device secure access your sensitive information resources? Use our 'Redspin Sample Mobile Device Security Policy' template to get you started.
Read more

Security Program Development Methodology

The objective of this methodology is to support organizations with the ability to implement a prescriptive model for building a healthcare security program. Much of this approach is derived from our books, The CISO handbook and CISO soft skills, as well as experience in the field developing security programs for more than 100 organizations worldwide.
Read more

Best Practices in Healthcare Risk Management

More and more hospitals and healthcare providers are struggling to fully understand the security risks present in their environment. That’s not surprising given the challenges they face: increasingly skillful attackers, insecure legacy technologies, expanding regulatory requirements and new business initiatives that need to be protected. But they can no longer afford an ad hoc, opportunistic approach to understanding and remediating risks. That leads to bad decisions: focusing on the wrong risks, investing in only marginally useful security technologies and processes and missing critical vulnerabilities.
Read more

Business Associate Management Framework

The management of business associates (ba) is a critical activity for any healthcare organization. This methodology presents the elements that an organization must have to successfully manage all aspect of using or being a business associate.
Read more

2015 Cloud Security Spotlight Report

Cloud computing has become a part of nearly every CIO’s strategy. Yet IT security remains the biggest perceived barrier to further cloud initiatives. To help our clients better understand the risks and rewards of cloud adoption models, Redspin partnered with the Information Security Community on LinkedIn to identify current trends, benchmarks, and security solutions. We hope that you will find the Redspin Cloud Security Spotlight Report interesting and informative.
Read more

BREACH REPORT 2014: Protected Health Information (PHI)

As of December 31, 2014, a total of 1,170 large breaches of PHI affecting 40.8 million patients had been reported since HITECH went into effect in 2009. Last year alone, nearly 9 million heath records were breached, more than 50% as a resulting of hacking incidents. In its annual report, Redpsin provides in-depth analysis of the history of large PHI data breaches, year-over-year trends, and the operational areas most in need of improvement.
Read more

Mapping Application Security To Business Value

This white paper outlines considerations and recommendations for reducing business risk by ensuring that your web applications are secure. Our goal is to present information that will be helpful not only to IT and information security professionals but business unit general managers as well. We will examine the process of managing applications throughout their lifecycle.
Read more
Back To Top