The Latest News on Security, Privacy & Compliance
Thanks for reading CynergisTek's monthly newsletter. Included are some of our latest news and updates from around the industry. Monthly topics focus on emerging security issues and updates on protecting patient privacy, as well as the latest about HIPAA compliance and enforcement. Please email us if you have any questions or would like to see different topics in the next newsletter. 
Five Things to Know About OCR HIPAA Audits

David Holtzman recently provided tips to HealthcareITNews readers addressing what to know about the OCR HIPAA Audits and what healthcare providers and business associates should be doing before the audits start. Among the highlights: before the audits start, you should be having conversations and reviewing the policies, procedures and guidelines that are required under HIPAA and HITECH standards. Now is the time for data collection, and you should organize an area where you can manage documentation and materials that could be requested during an OCR HIPAA Audit.

New Infographic: Elements of an Effective Privacy & Security Program

Often healthcare providers think that compliance with regulatory requirements is all it takes to address privacy and security. However, just "checking off" compliance is not enough to protect the integrity of patients' data. Instead, the five elements below should be included in any privacy and security program:
  • Culture of awareness
  • Thorough risk assessment
  • Proactive security rather than reactive
  • Privacy best practices
  • Business associate management

The High Cost of Staying Protected: Security Expenses

CISOs are facing the challenge of trying to tighten up the security program while having a limited budget. Security is often seen as a cost center, and it isn't easy to measure ROI unless there is a significant breach. Restricted budgets, a shallow talent pool, high costs of major new solutions and an inability to leverage the demand for higher IT security spending are just some of the challenges CISOs have to overcome.


Limited Time Offer: 25% Off Phishing Assessments*

CynergisTek has a limited time offer* available on four different phishing assessment campaigns. Choose the offer that best fits your organization's needs and receive 25% off the standard price.* All four programs span over one year and can test up to 2,500 email addresses each time. Protect your security program by empowering employees with the knowledge they need to avoid becoming a victim of a well-crafted phishing attack. But don't wait to select your campaign. Offer ends soon and is subject to availability.

Mac McMillan Elected to Serve on AEHIS Board

CynergisTek is proud to announce that our CEO, Mac McMillan, has been elected to the board of trustees for the College of Healthcare Information Management Executives (CHIME) Association for Executives in Healthcare Information Security (AEHIS). In this role, McMillan will help the organization continue to evolve to meet member needs by providing ongoing healthcare information technology (HIT) security guidance. McMillan will also help inform policymakers and the public on key issues impacting the HIT industry.

California Amends Breach Notification Rules

Once again, California has amended its breach notification rules, and the change will have a wide impact on organizations in every industry sector. Like California's long-standing breach notification and reporting requirements, this amendment applies to all non-profit and for-profit organizations that have some business relationship in California, in addition to any California state or local government agency (e.g., the University of California and California State University). The most significant change under this amendment is a mandate for specific information in a breach notification and the use of a standardized model breach notice, although HIPAA covered entities are exempted from the use of the model notice. These changes take effect on January 1, 2016.


Upcoming HIPAA Privacy & Security Workshops

CynergisTek is providing several HIPAA Privacy and Security Workshops across the nation this fall. All of these educational workshops are free, led by an industry expert, and address some of the hottest topics and biggest challenges in healthcare IT right now. Topics that will be discussed include the return of the OCR audits, recent enforcement activity and emerging cybersecurity threats.


*Limited time offer: offer is available until 12/15/2015 and is subject to availability. 
25% off standard pricing: discount is not available for any custom phishing assessment or any variations of the four selected phishing assessments.