The Latest News on Security, Privacy & Compliance
Several privacy, security and compliance topics are making headlines across the industry. For example, OCR's Phase 2 audits have begun, OCR issued vendor security guidance, and legislation was proposed to elevate the HHS CISO's role. Read this month's newsletter to catch up on some of the biggest headlines around the industry and at CynergisTek.
Podcast: Preparing for Round 2 of HIPAA Audits

CynergisTek's VP of Compliance Strategies David Holtzman recently recorded a podcast with HealthcareInfoSecurity that describes how organizations should be preparing in case they are selected for Phase 2 of OCR's HIPAA audits, including the addition of business associates in the audit pool.


OCR Issues Guidance on Preventing Vendor Breaches

After several organizations suffered data breaches due to lack of vendor security, OCR issued guidance that reminds organizations of the importance of effective vendor management and lists steps they should take to determine the security of their business associates.


How Penetration Testing Can Benefit Your Organization

What is a penetration test and what are the end results? In this blog post, our Senior Penetration Tester John Nye addresses the benefits of penetration testing as well as the various options available to organizations.


Healthcare Disaster Recovery Critical for Providers

Tom Gordon, CIO at Virtua Health Systems, a CynergisTek client, was recently interviewed by SearchHealthIT. In this article, he describes their extensive disaster recovery plans and procedures, as well as his predictions for the future of disaster recovery and cloud systems.


New Infographics: 2016 Symantec Internet Security Threat Report and Ponemon Healthcare Data Study

We recently released infographics highlighting key statistics from two recently released industry reports: Symantec's Internet Security Threat Report and the Ponemon Institute's Privacy & Security of Healthcare Data Study.



Proposed Legislation Would Elevate HHS CISO Role

Recently introduced legislation aims to establish the office of the CISO independent from the CIO within HHS. This move mirrors a trend seen in private-sector organizations and would allow the CISO to be a peer of the CIO rather than a subordinate. Our CEO Mac McMillan will appear as a witness at a House Energy and Commerce Committee, Health Subcommittee hearing on Wednesday, May 25th, providing written and oral testimony.


Webinar Recording: Protecting Your Healthcare Organization from Emerging Threats

Our CEO Mac McMillan recently presented a webinar, hosted by Phreesia, that covered security concerns in the industry today, as well as tips for how organizations should respond to these threats.


What Impact Will MIPS/MACRA Have on Privacy and Security?

Our VP of Compliance Services, David Holtzman, analyzes CMS's proposed MIPS/MACRA rule, which aims to change how the Medicare program provides incentives and bonuses to physicians and other clinicians, and the limited impact it will have on healthcare privacy and security.


Upcoming Educational Events
CynergisTek executives are speaking at several conferences and webinars in the next few months, including several regional HIMSS events, WEDI and CHIA. CynergisTek is also providing several free HIPAA Privacy and Security Workshops across the nation. Click here for more details on all upcoming educational events.

Thank you for reading this month's newsletter. Email us if you would like to see additional topics addressed in the future.
A printable version of this month's newsletter is available.