Skip to main content

Schedule Your Healthcare Risk Assessment

Having regular risk assessments is becoming a priority for all healthcare organizations. These assessments help ensure your organization complies with the latest HIPAA regulations and maintain the most secure environment for your patients. 

New HIPAA Security Rules To Take Effect Later This Year.

The U.S. Department of Health and Human Services (HHS) has announced an update for the HIPAA security regulations to enhance the cybersecurity of electronic protected health information (ePHI).  The updates aim to address technological changes, increasing cybersecurity threats, and deficiencies in the current legislation.

Here is a quick list of changes:

  • Require vulnerability scanning at least once every six months
  • Require review and testing of security measures at least once every twelve months
  • Require use of multifactor authentication, with limited exceptions
  • Require network segemtantion
  • Require separate technical controls for the backup and recovery of ePHI and relevant electronic information systems.  

This is not a comprehensive list; read the HHS's fact sheet for the full report.

The Importance of an Annual IT Risk Analysis

Periodic IT risk analysis is a cornerstone of your cybersecurity strategy, providing a comprehensive assessment of potential vulnerabilities and the effectiveness of your current safeguards. Was the last analysis conducted meant to fulfill Meaningful Use Objectives?  Here’s how conducting an updated thorough IT risk analysis can benefit your organization:

  • Identify and Mitigate Risks: Proactively identify potential threats and vulnerabilities within your IT infrastructure, enabling you to implement effective mitigation strategies before they can be exploited.
  • Ensure Compliance: Stay ahead of regulatory requirements by aligning your security measures with the latest HHS Cyber Performance Goals and HIPAA standards, reducing the risk of non-compliance and associated penalties.
  • Enhance Patient Trust: Demonstrate your commitment to protecting patient data by continuously improving your cybersecurity posture, thereby fostering trust and loyalty among your patients.
  • Optimize Resource Allocation: Prioritize your IT investments by focusing on areas that pose the greatest risk, ensuring that your resources are allocated efficiently and effectively.
  • Strengthen Incident Response: Develop and refine your incident response plans based on the insights gained from the risk analysis, ensuring a swift and coordinated response to any potential breaches.

How cyberTAP Can Help

Navigating the complexities of cybersecurity and compliance can be challenging. Purdue cyberTAP's team of experts supports you every step of the way, providing tailored solutions that meet your organization's unique needs. Our comprehensive approach ensures that your IT systems are secure, compliant, and resilient against the ever-evolving landscape of cyber threats. Specifically, cyberTAP offers both risk assessments and vulnerability scanning services for healthcare organizations. The new vCISO service can provide a knowledgeable and trusted expert to advise you on other technical requirements.

Sign up for your IT Risk Analysis

Please use this field to ask general questions or relevant information.
Return to main content

Purdue University, 610 Purdue Mall, West Lafayette, IN 47907, (765) 494-4600

© 2021 Purdue University | An equal access/equal opportunity university | Copyright Complaints | Maintained by Technical Assistance Program

Trouble with this page? Disability-related accessibility issue? Please contact Technical Assistance Program at tap@purdue.edu.