Executing and continuously updating the risk analysis is a challenging task. Things change daily in the cybersecurity world, including an entity’s risk profile. Healthcare providers, payers, and business associates collectively struggle with assessing and keeping up to date a comprehensive and thorough risk analysis. Analyzing and assessing risk are not only required by the HIPAA Security Rule but are necessary to build an effective cybersecurity program. There are many challenges. Situational awareness and knowledge of all places in which ePHI is in ...
© Eric C. Thompson 2017
Eric C. Thompson, Building a HIPAA-Compliant Cybersecurity Program, https://doi.org/10.1007/978-1-4842-3060-2_18
18. Think Offensively
Eric C. Thompson1
(1)Lisle, Illinois, USA
Get Building a HIPAA-Compliant Cybersecurity Program: Using NIST 800-30 and CSF to Secure Protected Health Information now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
