Welcome to HealthcareInfoSecurity's HIPAA Omnibus Resource Center!

The latest news, views and education on the HIPAA Omnibus Rule, including insights on complying with modifications to the HIPAA privacy, security and breach notifications rules.

View the Full Text of Final Rule

Spotting and Stopping Synthetic ID Fraud

Tom Field • October 27, 2022

Synthetic identity fraud is the fastest-growing financial crime in the country. By combining real and fabricated personal information, a synthetic identity is specifically designed to look and act like a valid identity - until it doesn’t, leaving financial losses and criminal activity in its wake.

Email Threat Protection

SMBs! Forget Retainer-based Security Assessments: Demand Funded POCs

Latest

3rd Party Risk Management

The Key To Compliance? Third-Party Management

Tori Taylor • August 30, 2022

They’re necessary contributors to the business ecosystem, but there’s risk associated with third-party remote access, including bad actors lurking around every access point.

Next-Generation Technologies & Secure Development

The Value of Digital Transformation

Andrew Stevens • August 30, 2022

With the increase in remote workers and proliferation of uncontrolled devices, your IT team has been migrating applications to the cloud along with building cloud-native applications to support the speed needed by the business.

Electronic Healthcare Records

Evolving Ransomware Threats on Healthcare

Adam Mansour • August 22, 2022

While healthcare as an industry is being most targeted by ransomware, health or medical clinics are by far the hardest hit.

Breach Notification

Lack of Access Management Is Causing Data Breaches

Isa Jones • August 18, 2022

The costs of hacks are rising, the amount of ransomware is rising, and the number of organizations that have been breached will also rise unless organizations take action.

Next-Generation Technologies & Secure Development

How Code Hardening Enables Mobile App Developers to Meet OWASP MASVS Recommendations

Guardsquare • August 17, 2022

Why have attacks from rogue mobile apps grown by 49% in Q3?

Endpoint Detection & Response (EDR)

MDR vs Managed EDR: The Two Meanings of Managed

Adam Mansour • August 10, 2022

While Managed EDR can help in many endpoint scenarios, it’s important to be aware that going beyond the endpoint allows MDR and extended detection and response (XDR) to offer broader cybersecurity coverage.

Cloud Security

Netskope Expands Into Cloud Networking With Infiot Purchase

Michael Novinson • August 2, 2022

With its acquisition of Infiot, Netskope now carries both the networking and security technology needed to build a Secure Access Service Edge architecture following. The acquisition of Infiot's platform will allow Netskope customers to address both traditional and emerging SD-WAN use cases.

Endpoint Security

Profiles in Leadership: Sean Mack

Mathew J. Schwartz • July 25, 2022

Exploring new ways to offer security as a service from his organization to external customers is an exciting challenge and opportunity, says Sean Mack, CIO and CISO of publishing company Wiley. He also discusses aligning security investments with the company's biggest business risks and goals.

Access Management

How Machine Learning Is Changing Access Monitoring

Isa Jones • July 5, 2022

As this technology is automated, it can also scan more accesses because a new rule doesn’t need to be created for each access. You can jump from a 1% audit rate to a 99% audit rate.

CISO Trainings

Profiles in Leadership: Rob Hornbuckle

Mathew J. Schwartz • June 30, 2022

Beyond advising the seniormost levels of the business in the strategic use of technology, the need to recruit new cybersecurity professionals often also tops the list of tasks facing today's security leaders, says Rob Hornbuckle, CISO of Allegiant Air.

General Data Protection Regulation (GDPR)

A Shortcut to the NIST Cybersecurity Framework

Kylie Ruiz • June 28, 2022

Determine how the NIST Framework can fit into your security structure and start taking proactive steps to protect critical assets from rising and evolving threats.