TMCnet News

2022 HIPAA Guide from SecurityMetrics Bridges Healthcare IT Communication Gap to Protect Patient Data
[January 11, 2022]

OREM, Utah, Jan. 11, 2022 /PRNewswire/ -- In September 2021, we witnessed the first death attributed to a ransomware attack at an Alabama hospital. While not all ransomware attacks on healthcare institutions result in this kind of tragedy, this incident illustrates just how serious data security for healthcare providers really is. Targeted phishing campaigns, insider negligence, ransomware attacks and third-party vendor vulnerabilities continue to drive these compromises. 

Healthcare organizations are frequently targets for data breaches because they are busy, often lack security resources, and can't afford for any of their systems to be down, making them more likely to pay a ransom. These organizations need a resource that will help them understand and implement security measures they must take to keep PHI safe. 

SecurityMetrics has released their 2022 Guide to HIPAA Compliance to help healthcare organizations secure their peace of mind and avoid a false sense of security. The 2022 HIPAA Guide helps healthcare IT and HIPAA compliance and risk officers understand how to comply with the HIPAA Security, Privacy, and Breach Notification Rules, including best practices for conducting risk assessments, training employees, testing incident response plans, and improving network security.

The updated 2022 guide includes more insights from HIPAA security analysts, improved diagrams and graphs, and cloud security for healthcare organizations. The 2022 HIPAA Guide covers the practical steps organizations need to handle the following: 

  • Incident response plans
  • PHI encryption
  • Business associate agreements
  • Mobile device security
  • Cloud security
  • HIPAA-compliant emails
  • Remote access
  • Vulnerability scanning
  • Penetration testing

With new 2021 research data, this guide helps direct healthcare organizations to where the highest risks are. For example, ransomware continues to plague healthcare, yet only 54% of organizations train employees on the HIPAA Security Rule (i.e., how to securely handle patient health information). Only 41% of organizations surveyed conduct a risk analysis.

Principal Security Analyst Jen Stone (MCIS, CCSFP, CISSP, CISA, QSA) says, "Many healthcare organizations understand the importance of HIPAA. They want to ensure the privacy and security of patient data, but they struggle because the law says what to do, not really how to do it. Our HIPAA Guide helps bridge that gap to give healthcare providers and business associates a way to implement policies, procedures, and security controls in a meaningful, HIPAA-compliant way."

"This is the most comprehensive guide on HIPAA I have found," said Crystal Hertz at National Health Foundation. 

Those who would like a copy of the SecurityMetrics 2022 Guide to HIPAA Compliance can download a PDF copy for free. Download the 2022 Guide to HIPAA Compliance here. 

To learn more about SecurityMetrics or HIPAA, contact 801-705-5621, email [email protected], or visit

For press inquiries contact 801-995-6516, or email [email protected].

About SecurityMetrics

SecurityMetrics secures peace of mind for organizations that handle sensitive data. They have tested over 1 million systems for data security and compliance. Industry standards don't keep up with the threat landscape, which is why they hold their tools, training, and support to a higher, more thorough standard of performance and service, so you never have a false sense of security.

As an Approved Scanning Vendor, Qualified Security Assessor, Certified Forensic Investigator, and Managed Security provider, SecurityMetrics guides organizations through data security testing and compliance mandates (HIPAA, HITRUST, PCI, GDPR). With over 20 years of forensic investigations, penetration testing, vulnerability assessments, and HIPAA and PCI compliance audits, SecurityMetrics has tested over 1 million systems for vulnerabilities. The privately held company is headquartered in Orem, Utah where it maintains a Security Operations Center (SOC) and 24/7 multilingual technical support.

SOURCE SecurityMetrics, Inc.