How to get HITRUST certified

Getting HITRUST certified has become a strategic move for organizations handling sensitive health and financial data. It demonstrates a serious commitment to information security, privacy, and regulatory compliance. However, the path to certification is often viewed as daunting – requiring time, budget, internal effort, and cross-functional coordination. Many organizations struggle with cost concerns, internal resource limitations, and uncertainty about the actual return on investment.

What Are the Biggest HIPAA Compliance Risks in Retargeting and Digital Marketing for Healthcare Organizations?

Digital marketing relies on user behavior data — but for healthcare organizations, that data often includes protected health information (PHI). If ad platforms or third-party scripts collect PHI without consent or encryption, your organization could face HIPAA violations.

How Computers Help in Hospitals: EHR Design

The doctor used to write notes on paper when someone came to the clinic. These remarks told what the problem was, what medicine was given, and whether the patient had improved. But now, most doctors use computers to do this. The notes are saved in a special program called Electronic Health Records, or EHR. EHR is like a digital notebook. It keeps all health details in one place. The way it looks and works is called EHR Design. If the design is good, it makes life easy for everyone in the hospital.

Prescription for Protection: Healthcare Industry Observations from CrowdStrike Investigations

The healthcare sector continues to be a prime target for cyber adversaries, with threat actors constantly evolving their tactics to exploit vulnerabilities. Over the past year, CrowdStrike Services responded to a growing number of financially motivated attacks aimed at encrypting data and extorting victims across the healthcare ecosystem.

How Third-Party Pixels Jeopardize HIPAA Compliance on Healthcare Websites

Third-party pixels are snippets of JavaScript embedded on healthcare websites to track user behavior — but they can unintentionally transmit PHI (Protected Health Information) to unauthorized recipients like Meta, Google, and others. Common pixel-triggered compliance issues include: Recent lawsuits and regulatory crackdowns (including FTC enforcement and OCR guidance) have made it clear: tracking technologies on healthcare websites can constitute a HIPAA breach.

HIPAA, HITRUST, CSF, And Server Hardening Part 1

Suppose you are an experienced IT professional or consultant working in the private sector. You get a new job working in the US healthcare industry. On starting your new job, you learn about the Health Insurance Portability and Accountability Act (HIPAA) Security Rule and the consequences of failure to comply with it. As an IT professional, you understand that a crucial component of mitigating cyber threats is to implement server hardening, but how does this relate to HIPAA?