Recent Articles

  • iso 27001 risk management framework

    A Practical Guide to the ISO 27001 Risk Management Framework

    Published On: June 20th, 2025

    More than ever before, healthcare organizations are faced with increasing threats to cybersecurity and information security. From ransomware attacks to data breaches that expose sensitive information, the [...]

  • May 2025 Healthcare Breach Report

    May 2025 Healthcare Breach Report: 1.8 Million Records Exposed as OCR Steps Up Enforcement

    Published On: June 16th, 2025

    The U.S. healthcare sector suffered yet another intense month of data breaches in May 2025, with 59 incidents reported to the Department of Health & Human Services [...]

  • regulatory risk management

    Turning Risk Management Into a Functional Part of Healthcare Compliance

    Published On: June 11th, 2025

    Healthcare compliance teams understand the importance of regulatory risk management…the real challenge is making it actionable. It can't just show up in binders or annual assessment, it needs [...]

  • Strategic Compliance and Risk Management

    HHS Spring 2025 Report: Strategic Compliance and Risk Management for Mid-to-Large Healthcare Organizations

    Published On: June 5th, 2025

    Enterprise-Level Strategic Response to Critical Findings from the Department of Health and Human Services Office of Inspector General Spring 2025 Semiannual Report to Congress [...]

  • HHS Spring 2025 Report Small Healthcare Practice Guidance

    HHS Spring 2025 Report: Compliance Actions for Small Healthcare Practices

    Published On: June 4th, 2025

    Critical Findings and Actionable Steps Based on the Department of Health and Human Services Office of Inspector General Spring 2025 Semiannual Report to Congress [...]

  • Comstar Ransomware OCR Settlement

    Comstar Ransomware Breach Leads to OCR Settlement

    Published On: June 2nd, 2025

    The latest HIPAA enforcement action should serve as a loud and clear warning to every medical billing company: HIPAA is not optional—it’s the law. The U.S. Department [...]

Blog Categories

  • 42 CFR Part 2

    42 CFR Part 2

    42 CFR Part 2 dictates rules for the confidentiality of substance abuse records. Find out when providers are permitted to share records and when they are not.

  • Healthcare Compliance

    Healthcare Compliance

    Healthcare compliance is complex, especially when you have to meet multiple compliance standards. Learn how to navigate HIPAA, OSHA, and SOC 2 requirements.

  • Healthcare Data Breach Report

    Healthcare Data Breach Report

    Each month, we review what caused healthcare data breaches and how they could have been prevented. Learn how to protect your business from breaches and fines.

  • HIPAA Compliance

    HIPAA Compliance

    Whether you’re a healthcare provider, health plan, or healthcare vendor, you must meet HIPAA standards. Learn what’s required for HIPAA compliance and how to implement a successful program.

  • HIPAA News

    HIPAA News

    Keep up to date on HIPAA news by checking in with us. We will provide you with information on changes to HIPAA law, healthcare breaches, HIPAA violations, and OCR fines.

  • HIPAA Violation Fines

    HIPAA Violation Fines

    Healthcare organizations that fail to meet HIPAA Privacy, Security, or Breach Notification Rules can face HIPAA violation fines. Find out who has been fined and how they could have prevented penalties.

  • MACRA MIPS

    MACRA MIPS

    To be eligible for reimbursement under the Merit-based Incentive Payment System (MIPS), you must meet Medicare Access and CHIP Reauthorization Act (MACRA) standards.

  • OCR Enforcement

    OCR Enforcement

    The Office for Civil Rights (OCR) is the enforcing body of HIPAA. The OCR conducts investigations into potential HIPAA violations, issuing judgments that can result in settlements.

  • OIG Compliance

    OIG Compliance

    The Office of Inspector General (OIG) released guidance, referred to as the seven elements of compliance. Find out how to implement an effective compliance program.

  • OSHA Healthcare Compliance

    OSHA Healthcare Compliance

    OSHA healthcare compliance ensures a safe and healthy environment for patients and staff. Find out how to meet various OSHA standards specific to healthcare.

  • Right of Access

    Right of Access

    The HIPAA Right of Access standard requires healthcare providers to comply with patient record requests. This standard is the most cited in HIPAA settlements. Learn the rules.

  • SOC 2 Compliance

    SOC 2 Compliance

    The American Institute of Certified Public Accountants (AICPA) created a cybersecurity framework called Service Organization Control Type 2 (SOC 2). Learn how about SOC 2 compliance.