The Latest News on Security, Privacy & Compliance
There are several privacy, security and compliance topics making headlines and trending across the healthcare IT industry. For example, OCR HIPAA audits of business associates are expected to begin this month, HIMSS released its 2016 Cybersecurity Survey, and direct-to-RAM attacks are becoming a popular method among hackers. Read our latest newsletter to catch up on some of the top headlines from around the industry and at CynergisTek.
Pay Now or Pay Later: The Cost of Privacy and Security

Marti Arvin, CynergisTek's VP of Audit Strategy, wrote this blog post, which discusses why preventative privacy and security measures can help organizations reduce their risk of attacks and breaches.

What's Needed: More HHS Guidance, or New HIPAA Security Rule?

Following a report from the GAO that HHS should improve the guidance it provides to healthcare organizations on security controls, Mac McMillan discusses why the HIPAA Security Rule has critical gaps.

Infographic: 2016 HIMSS Cybersecurity Survey

We recently released an infographic that details findings from the 2016 HIMSS Cybersecurity Survey, which asked healthcare IT executives and staff questions on security incidents, threats and preparedness.

OCR: Business Associate HIPAA Audits Coming Soon

OCR recently announced that the long-anticipated business associate HIPAA audits will begin this month. 40 to 50 business associates will be notified of their selection for a desk audit and will then have 10 days to submit requested documentation to OCR.

HCCA Healthcare Enforcement Compliance Institute

CynergisTek executives David Holtzman and Marti Arvin will be presenting at the upcoming HCCA Healthcare Enforcement Compliance Institute in Washington, DC. In addition, CynergisTek will be exhibiting at booth 18. We hope to see many of you there.

Podcast: Healthcare Infosec with the Expert

In this podcast, Joe Lavelle of IntrepidNow Healthcare interviews CynergisTek's CEO Mac McMillan on a variety of topics including CynergisTek's recent growth, ransomware and the future of information security.

Using a Battering RAM to Hack

This blog post from CynergisTek's penetration tester John Nye discusses direct-to-RAM attacks, a method attackers are using to bypass endpoint defensive software.

Upcoming Educational Events
CynergisTek executives are speaking at several conferences and webinars in the next few months, including the HCCA Compliance Enforcement Institute, CHIME LEAD Forum and regional HIMSS events. CynergisTek is also providing free HIPAA Privacy and Security Workshops across the nation. Click here for more details on all upcoming educational events.

Thank you for reading this month's newsletter. Click here if you would like to see additional topics addressed in the future.