Ryan Winkler

The HITRUST Common Security Framework (CSF) is a comprehensive and scalable approach to safeguarding sensitive data. The latest version, v11.3.0, introduces significant enhancements, including the integration of authoritative sources like FedRAMP, StateRAMP, and TX-RAMP, the incorporation of NIST SP 800-172 standards, preparations for Cybersecurity Maturity Model Certification (CMMC) Level 3 requirements, and new security guidelines … Read more

Adopting artificial intelligence (AI) technologies is crucial for improving operational efficiency, intelligent decision-making, and streamlining essential business functions. AI significantly shifts how data is gathered, processed, and governed across a corporate network. Therefore, integrating it into core business functions requires a comprehensive strategy to mitigate risks, protect sensitive data, and build trust. This article highlights … Read more

It’s an unfortunate sign of the times that data breaches and privacy concerns are increasingly posing significant risks. In fact, 83% of the organizations IBM Security studied in their annual Cost of a Data Breach report have had more than one data breach. While it’s crucial to the survival of your business that you establish … Read more

If your company deals with credit card numbers, patient records, customer information or other sensitive data, the list of compliance standards, federal regulations, and state laws can be very long. And if you’re a healthcare organization? It’s even more complex. What is HIPAA? Probably the most well-known compliance standard is the Health Insurance Portability and … Read more

In an effort to stay relevant with current and emerging threats, HITRUST has made several updates. First, the big news: HITRUST has expanded its assessment portfolio to include a less-complex assessment with fewer requirements, called the Essentials, 1-year (e1) Validated Assessment. HITRUST has also updated the release of CSF v11, made new Correction Active Plan … Read more

HITRUST is the most widely adopted security and privacy framework in the healthcare industry, and it’s required by more than 84% of hospitals and health plans, according to Healthcare Weekly. We talked with 360 Advanced’s Practice Director Ryan Winkler, our HITRUST authority, about the HITRUST Risk-based, 2-year (r2) Validated Assessment + Certification, and the newly … Read more

Some organizations consider compliance audits a cost of doing business: resource-intensive and time-consuming, but a necessary step toward securing a new contract or maintaining an existing agreement. However, this view doesn’t take into account the full impact of a robust cybersecurity program – especially in today’s competitive landscape. Strategic Compliance Consumers have higher expectations for … Read more

Compliance audits require a significant amount of documentation. Whether you’re working toward a SOC report, a HITRUST certification, a PCI Report on Compliance, or any other security initiative, you will need to provide your auditor with formal evidence that your policies and processes are designed in accordance with relevant requirements. The documents you will need … Read more