Services
Services
SOC & Attestations
SOC & Attestations
Payment Card Assessments
Payment Card Assessments
ISO Certifications
ISO Certifications
Privacy Assessments
Privacy Assessments
Federal Assessments
Federal Assessments
Healthcare Assessments
Healthcare Assessments
Penetration Testing
Penetration Testing
Cybersecurity Assessments
Cybersecurity Assessments
Crypto and Digital Trust
Crypto and Digital Trust
Schellman Training
Schellman Training
ESG & Sustainability
ESG & Sustainability
AI Services
AI Services
Industry Solutions
Industry Solutions
Cloud Computing & Data Centers
Cloud Computing & Data Centers
Financial Services & Fintech
Financial Services & Fintech
Healthcare
Healthcare
Payment Card Processing
Payment Card Processing
US Government
US Government
Higher Education & Research Laboratories
Higher Education & Research Laboratories
About Us
About Us
Leadership Team
Leadership Team
Careers
Careers
Corporate Social Responsibility
Corporate Social Responsibility
Strategic Partnerships
Strategic Partnerships

Blog

The Schellman Blog

Stay up to date with the latest compliance news from the Schellman blog.

Blog Feature

Healthcare Assessments

By: Schellman
August 20th, 2024

Ever been to a water park and gone down one of those enormous slides? If so, you likely remember there being a park lifeguard at the top of the slide and near the bottom to ensure your continued safety. But imagine if those employees weren’t trained in safety and first aid—of course, the ride was likely designed well and with other safeguards, but it would make for a serious oversight by the park to do all that while not also ensuring their employees keep guests safe.

Blog Feature

Healthcare Assessments

By: GARY NELSON
August 7th, 2024

Source: Pharmaceutical Compliance Monitor On March 31, 2010 the Drug Enforcement Agency’s (DEA) rule, “Electronic Prescriptions for Controlled Substances” has revised its regulations to give physicians the choice of writing prescriptions for controlled substances the traditional method or through the electronic system. Originally, the regulation restricted physicians and practitioners from writing electronic prescriptions for controlled substances (EPCS).

Blog Feature

Healthcare Assessments

By: Jerrad Bartczak
June 20th, 2024

In the 2018 Marvel film Black Panther, genius inventor Princess Shuri quips that “just because something works does not mean it cannot be improved.” It’s a message the healthcare industry has taken to heart, as it has continuously searched for ways to improve the patient experience.

Blog Feature

Healthcare Assessments | HIPAA

By: Schellman
May 23rd, 2024

Perhaps believing they’re simply too small for the government to consider, some smaller healthcare providers will choose to either fly under the radar or hope that regulators of the Health Insurance Portability and Accountability Act (HIPAA) won’t notice their lack of correct processes and controls. However, this likely won’t work—in fact, over 55% of HIPAA fines in 2022 were levied against small practices.

Blog Feature

Healthcare Assessments | HITRUST

By: Michael Seegel
April 24th, 2024

Though HITRUST released v11 of the HITRUST CSF back in January 2023, as of April 16, 2024, HITRUST released CSF v11.3. Standard practice is for HITRUST to update their CSF annually—at a minimum—and this v11.3 is a relatively minor revision with two main differences:

Blog Feature

Healthcare Assessments | HITRUST

By: Michael Williams
April 23rd, 2024

For any organization committed to robust cybersecurity hygiene, due diligence isn’t just for your interior systems, operations, facilities, and people—it also requires vetting your service relationships with suppliers to ensure they’re also secure. This is something Microsoft clearly understands, given their rigorous Supplier Security & Privacy Assurance (SSPA) Program they require. And for said suppliers participating in the SSPA Program, there are benefits to further extending your security compliance through HITRUST certification.

Blog Feature

Healthcare Assessments | HIPAA

By: Schellman
February 1st, 2024

Successfully managing your HIPAA risk means accounting for those introduced by your vendors that are supplementing existing business processes in different ways. Vendors can make you vulnerable in a variety of ways, which means a variety of solutions becomes necessary.

Blog Feature

Healthcare Assessments

By: Schellman
January 17th, 2024

As you may remember, when Tom Sawyer was asked to paint a fence, he ended up outsourcing the job and even got his chosen “vendors” to pay him for the privilege. What was an assigned chore ended up being done by others and turning a profit for Tom.

{