System Security Plan or SSP for SPRS
An SSP is required for posting on the SPRS site.
Posted April 27, 2021 by Jack Anderson
CMMC 3 Audit Ready
It is recommended that you start on getting CMMC 3 Audit Ready at least 6 months in advance of an actual audit.
Posted February 16, 2021 by Jack Anderson
CMMC 1 is Your Ante
CMMC 1 is the minimum security level required for all DOD contactors.
Posted February 3, 2021 by Jack Anderson
HHS Whacks Texas HHS
The OCR division of HHS imposed a penalty of $1.6 on the Texas HHSC for a breach of the ePHI of 6,000 individuals and the failure to remediate or respond.
Posted November 26, 2019 by Jack Anderson
Do You Speak NIST?
You don't have to speak NIST to get HIPAA compliant on the NIST Cyber Security Framework. (CSF)
Posted November 14, 2019 by Jack Anderson
58% of Healthcare Organizations on NIST CSF
58% of healthcare organizations are on the NIST CSF, you should be too.
Posted November 7, 2019 by Jack Anderson
NIST Videos
Why HIPAA on NIST CSF and Upgrade to NIST CSF are two new videos by Compliance Helper.
Posted September 12, 2019 by Jack Anderson
The Case for a Cybersecurity Framework
An excellent article about adopting a cybersecurity framework in a small healthcare orgainization. https://www.himss.org/news/cybersecurity-framework
Posted August 27, 2019 by Jack Anderson
NIST=HIPAA Proof
HIPAA compliance on the NIST CSF is the new standard for healthcare.
Posted August 15, 2019 by Jack Anderson
Ten Commandments for Business Associates
The Office for Civil Rights recently affirmed the conduct that would subject business associates to direct liability under HIPAA, **The Ten Commandments**
Posted May 31, 2019 by Jack Anderson