2026 HIPAA Security Rule Update: New Requirements Every Healthcare Organization Must Prepare For

Quick Answer: The 2026 HIPAA Security Rule update introduces significant changes including mandatory encryption of ePHI at rest and in transit (removing the “addressable” designation), required multi-factor authentication for all systems accessing ePHI, 72-hour incident reporting requirements, annual penetration testing, and enhanced business associate oversight obligations. These changes, proposed by HHS in late 2025, represent […]
HIPAA Compliance for Generative AI: What Healthcare Organizations Must Know

Quick Answer: HIPAA compliance for generative AI requires healthcare organizations to treat AI tools like ChatGPT, Gemini, or Copilot as potential business associates when they process electronic protected health information (ePHI). Key compliance requirements include: executing Business Associate Agreements with AI vendors before sharing any patient data, conducting risk assessments that specifically address AI-related vulnerabilities, […]
AI Security Risks in Healthcare: What Every Organization Needs to Know

Quick Answer: AI security risks in healthcare include unauthorized ePHI exposure through AI model training data, prompt injection attacks that extract sensitive information, AI-generated hallucinations leading to incorrect clinical decisions, supply chain vulnerabilities in AI dependencies, and insider threats amplified by AI-powered data access. Healthcare organizations must include AI systems in their HIPAA Security Risk […]
Network Vulnerability Assessments and HIPAA: Why Your SRA Isn’t Complete Without One

Quick Answer: A HIPAA network vulnerability assessment is a technical evaluation that scans your healthcare network infrastructure to identify security weaknesses that could expose electronic protected health information (ePHI). It involves scanning servers, workstations, firewalls, routers, and connected devices for known vulnerabilities, misconfigurations, and outdated software. HIPAA does not explicitly mandate vulnerability assessments, but they […]
Why Assuming You “Don’t Store Much PHI” Could Put You at Risk

“We don’t store much PHI” is a dangerous assumption. Discover why HIPAA focuses on how data moves, not just where it lives, and learn practical steps to identify your real digital footprint. “We don’t really store much PHI.” In the […]
How to Bring AI Tools Into HIPAA Compliance With Confidence

Discover why AI tools must be included in HIPAA policies, risk analyses, and vendor management. Artificial intelligence is showing up across the healthcare ecosystem at a remarkable pace. From clinical decision support to real-time documentation help, automated scheduling, revenue-cycle automation, and generative AI […]
Social Media, HIPAA, and the Security Risk Analysis You Can’t Skip

In healthcare, every post, photo, and “success story” shared online has the potential to do two things: build connection—or break compliance. Social media is one of the most powerful tools available to healthcare organizations today, but it’s also one of the […]
The New Voice Scam to Watch For

AI voice scams are here—fraudsters clone voices with seconds of audio. Learn how to protect accounts, payments, and your team. Phone impersonation scams aren’t new—but they’ve become far more dangerous. Last year, we warned about fraudsters calling to trigger password resets or reroute payments. Those risks […]
Why Network Vulnerability Assessments Are a Must in Healthcare

Discover why Network Vulnerability Assessments are essential—and how Medcurity’s new NVA Dashboard makes them smarter and actionable. Big news before we dive in: We’ve just launched a smarter, more actionable way to manage Network Vulnerability Assessments—and it’s […]
Beyond the Basics: Social Media and HIPAA Compliance

Go beyond the basics of HIPAA compliance with this deep dive into tricky social media scenarios and learn strategies to safely be active on social media.
Why Medcurity Is the HIPAA Compliance Solution Large Hospitals Need in 2025

Scalable, intuitive HIPAA compliance for hospitals—Medcurity simplifies risk assessments, training, and policies across complex systems with expert support. For large hospitals and healthcare systems, managing HIPAA compliance is no small task. With thousands of employees, multiple departments, third-party vendors, and decentralized […]
Credential Stuffing: A Growing Cybersecurity Threat in Healthcare

Credential stuffing exploits reused passwords to access sensitive data, posing significant risks to organizations and requiring proactive cybersecurity measures.
Why Network Vulnerability Assessments Are Essential in Healthcare

A network vulnerability assessment (NVA) identifies and addresses weak points in IT environments before they can be exploited.
Outdated Systems, Modern Solutions in Healthcare

Discover how outdated systems in healthcare create risks and learn practical steps to modernize and ensure HIPAA compliance. Healthcare organizations often face a shared challenge: legacy systems. These are the tools and processes once considered cutting-edge but which now pose risks due to their outdated nature. From […]
AI in Healthcare: Friend or Foe?

Explore how AI is transforming healthcare with groundbreaking benefits, critical risks, and actionable steps for secure and responsible adoption. The integration of artificial intelligence (AI) into healthcare has brought immense opportunities—and significant risks. It’s a topic healthcare leaders can’t afford to overlook. AI is not a distant […]
The Growing Need for Healthcare Data Security

Explore the urgency of healthcare data security, proactive measures, and how Medcurity’s HIPAA solutions protect patient trust and compliance. In today’s digital age, the importance of robust healthcare data security cannot be overstated. With cyberattacks on healthcare providers reaching unprecedented levels, it’s crucial for organizations to […]
What the HHS AI Strategic Plan Means for the Future of Healthcare

Artificial Intelligence (AI) is transforming healthcare in real-time, and the U.S. Department of Health and Human Services (HHS) is taking a major step to ensure this transformation is innovative, equitable, and safe. With the release of its first-ever AI Strategic Plan, […]
How Hackers Are Using AI to Target Healthcare Providers

Hackers are leveraging AI to launch sophisticated cyberattacks on healthcare. Learn how to stay protected against these emerging threats. The rise of artificial intelligence (AI) has brought incredible innovations to healthcare. From improving diagnostics to streamlining operations, AI is transforming the industry for the […]
New Proposed Updates to the HIPAA Security Rule

Discover why 2025 is a turning point for healthcare cybersecurity with major HIPAA Security Rule updates on the horizon. Big changes are on the horizon for healthcare cybersecurity. The HHS Office for Civil Rights has proposed updates to the HIPAA Security Rule—the first major overhaul […]
HIPAA Compliance in Unexpected Places

HIPAA compliance extends beyond obvious areas, requiring proactive measures to secure patient data, prevent breaches, and ensure organizational readiness. When we think about HIPAA compliance, patient records and EHR systems usually come to mind. But compliance goes beyond the obvious. Today, let’s look at three surprising areas where […]
Healthcare Cybersecurity Needs: Zero Trust

Cybersecurity is critical in healthcare. Embrace Zero Trust Architecture to protect sensitive data, prevent breaches, and ensure patient safety and compliance. In today’s healthcare world, cybersecurity is non-negotiable. With recent breaches making headlines and federal insights sounding the alarm, now is the time to get serious about security. […]
Stay Secure During Cybersecurity Awareness Month

October is Cybersecurity Awareness Month—an ideal time to strengthen defenses and protect patient data from costly breaches and evolving threats. October is Cybersecurity Awareness Month, and there’s no better time to strengthen your organization’s defenses. Recently, the HHS Office for Civil Rights imposed a $240,000 penalty on […]
How To Immediately Identify Phishing Scams

Don’t let phishing emails that disguise themselves as trusted sources steal ePHI or other private information! Learn the warning signs and practical strategies key to protecting your organization from cyber attacks.
The DDoS Defense: Guidelines for Healthcare Security

The healthcare sector relies heavily on uninterrupted access to electronic health records (EHRs) and other critical data. However, a growing threat looms: Distributed Denial-of-Service (DDoS).
The Crucial Role of Network Vulnerability Assessments in Cybersecurity

Increasing cyber threats emphasize the role of NVAs in protecting sensitive patient data and ensuring HIPAA compliance. Explore components of a comprehensive NVA and the benefits of regular assessments.
The Fallout of Ascension Cyber Attack: What You Need to Know

Learn how a recent ransomware attack on Ascension exposed critical vulnerabilities in healthcare cybersecurity. Discover key takeaways and actionable steps to protect your organization from similar threats. Strengthen your defenses with expert guidance from Medcurity.
The Evolution of Phishing Attacks in Healthcare

Discover how modern phishing tactics are targeting healthcare providers. Learn to identify and defend against these threats with expert insights. Protect patient data and safeguard your organization from costly breaches.
What You Need to Know from Verizon’s 2024 Data Breach Report

New data reveals a surge in cyberattacks, with human error and vulnerabilities leading the charge. Learn how ransomware, phishing, and misconfigurations are wreaking havoc on organizations. Discover essential steps to protect your business from these threats and build a resilient security posture.
Don’t Fall for Pretexting

As healthcare providers embrace digital transformation to enhance patient care and streamline operations, they must also be vigilant against emerging cybersecurity threats. One such threat that demands increased attention today is called “pretexting.”