
Stacy Kirk


Agile Compliance Transformation with Posture

July 25, 2022 Stacy Kirk All Posts, Compliance 136

Agile Compliance starts with realizing that compliance is never effective as a once-a-year ritual. Instead, a culture of continuous compliance drives accountability, visibility, and proactive best practices ignited from within your organization. Posture promotes a culture of accountability by making compliance a whole-team initiative. The traditional compliance process is similar to the “old school” Waterfall model of audit readiness (long delivery, siloed teams, and low visibility).

Agile Compliance leverages the best practices found in lean and agile to not only enhance validation and accelerate feedback loops but to also get the quick wins necessary to create confidence in an organization’s compliance practices. Posture recommends the “whole-team approach” to create a compliance environment that’s transparent and promotes cross-functional team ownership of the practice.

Faster Compliance – Through our company assessment, predictive recommendation engine, and a marketplace of policies and targeted services, reduce the time to compliance from years to days.

Visibility – Provide teams and executives with compliance oversight that’s not possible from spreadsheets or tools with limited access across the organization.

Accountability – Based on the Agile and DevOps best practice of collaboration, Posture promotes the “whole-team” approach to compliance and leverages assignment and incentives to encourage faster engagement and continued compliance.

To learn more about Agile Compliance and improving your compliance posture, join our newsletter.


HIPAA, Hackers & Secure Telehealth: 5 Simple Tips to Secure Your Environment

June 7, 2022 Stacy Kirk All Posts, HIPAA 129

As patient care becomes more decentralized and distributed, healthcare providers and their patients are now, more than ever, in need of telehealth solutions. The OCR has responded to the risks of in-person visits in the midst of the coronavirus (COVID-19) pandemic by relaxing its enforcement of HIPAA safeguards related to the use of video conferencing tools like Apple FaceTime, Facebook Messenger video chat, Google Hangouts video, or Skype. It is important to realize that, although practitioners won’t be penalized during the coronavirus pandemic, OCR is not approving these technologies as secure modes of communication. Hackers are still crafting cyber attacks with current vulnerabilities in mind. For the safety of patients’ information, it is therefore essential to still leverage as many security best practices as possible. Listed below are a few tips to keep in mind as healthcare professionals move to telehealth for patient care.

 

  1. Use Private Networks instead of public wifi. You should be at home, but if you are not, you should not use any public or open wifi networks. Use either a personal hotspot from a device you own or a VPN solution for your phone, tablet, or laptop. There is too much risk of a hacker attacking you on the public network and possibly getting access to your private communication.
  2. Be careful how you share meeting links. The FBI reported last week that hackers are hijacking meetings held by Zoom, a virtual conference provider. As you create virtual meeting invitations, the connection information (links) should never be sent to a public-facing site. Links should be sent directly to the patient – not a group! It is also important to use the latest version of the teleconference software for any security updates.
  3. Review Security Awareness. Refresh safe internet use training for you and your staff. User mistakes or negligence account for most security breaches. Ensuring that your team is aware of these security practices will help save you and your patients a lot of grief.
  4. Review Privacy Practices. Ensure your staff understands what relaxed HIPAA enforcement means: you are not able to share patient data just because of the pandemic!
  5. Use encrypted messaging and webforms. Tools that cost less than you think (under $100) are available that can be integrated into your current email provider and add encryption. Web forms that encrypt the input data can be easily added to your website. This can support a virtual intake process and the patient’s review of privacy notifications.

 

Even though the OCR will not be penalizing you for the use of remote services, you will still run the risk of ransomware, civil lawsuits for privacy negligence, or poor online reviews that can impact your reputation. With the unknowns created with COVID-19, hiring a security consultant may not be feasible. Companies like Posture can help guide practitioners through these regulatory changes while helping to improve their security and privacy program. With reasonable rates of $99 per month, it’s a brilliant and simple way to handle your HIPAA Compliance Program as you move into Telehealth.


ABOUT POSTURE

Posture provides small and mid-size suppliers with an affordable solution to improve their cybersecurity hygiene and verifiably meet their buyers’ security requirements.

Gain access to our powerful supplier risk management platform, which connects buyers and suppliers. Buyers gain greater visibility into their suppliers’ security practices and risk. Suppliers gain access to understandable security requirements, relative maturity scoring, training, and a marketplace of vetted cybersecurity and privacy “made-easy” tools.
