HIPAA Compliance in 2025: Persistent and Evolving Challenges

It’s been nearly three decades since HIPAA was enacted, yet compliance remains a significant challenge for healthcare providers and other entities handling protected health information (PHI). The regulatory landscape continues to tighten. Cyber threats grow more sophisticated. In the wake of this, organizations must address both longstanding and emerging obstacles to avoid costly penalties and protect […]

Third-Party Risk Management: Extending GRC Beyond Your Organization

Third-Party Risk Management (TPRM) has become a critical extension of Governance, Risk, and Compliance (GRC) programs as organizations increasingly rely on vendors, suppliers, and subcontractors for essential operations. With 60% of organizations working with over 1,000 third parties — and many relying on fourth parties (the vendors of vendors) — modern GRC frameworks must address […]

The MSP Cybersecurity Newsletter: Building Client Trust Through Key Updates

As a Managed Service Provider, you face the dual challenge of protecting your clients while demonstrating your ongoing value. One of the most effective (yet underutilized) tools for accomplishing both goals is a well-crafted client newsletter. Even if you’re aware of the potential benefits, determining what content to include in each edition can be daunting […]

Security Awareness Training That Sticks: Microlearning Strategies for Busy Teams

Traditional security awareness training often fails to create a lasting impression on employees, despite the rising awareness of its importance. Enter microlearning: a trending approach that delivers security concepts in brief, focused segments designed specifically for today’s busy (or attention-challenged) workforce. By breaking complex security protocols into short modules that employees can access anytime […]

Shadow IT and the Hidden Compliance Threats in the Channel

You’ve heard of it. You’ve thought about it. Shadow IT. While the term conjures images of rogue employees, the reality is far more nuanced — and far more dangerous. Shadow IT refers to the use of unauthorized cloud apps, storage, or services by employees or partners, often in pursuit of productivity or convenience. For MSPs […]

Who’s Driving Compliance? Discussion and Upcoming Webinar

Today, we’ve got a sneak peek at the talking points for this month’s episode of Get NIST-y. We’ll be joined by Liongard’s Michael Cannady as we explore the driving forces behind the compliance trend. What sort of info and insight can you expect from this live chat?

The Myth of Rollbacks: Is Deregulation the End […]

When Business Associates Mess Up: HIPAA-Covered Entity Strikes Back With Lawsuit

The MTL vs. Ntirety Lawsuit: Establishing New Precedent for Business Associate Accountability

In an unprecedented legal move that could reshape healthcare data protection standards, Molecular Testing Labs (MTL) has filed suit against its MSP following a significant data breach. The Vancouver, Washington-based laboratory specializing in precision diagnostics discovered on March 12, 2025, that patient data […]

Top Compliance Priorities for Healthcare Organizations in 2025

Healthcare organizations in 2025 face an evolving regulatory landscape driven by technological innovation, heightened data privacy concerns, and increased enforcement. The following priorities have emerged as most critical for compliance leaders and boards:

1. Stricter Data Privacy and HIPAA Security Rule Updates

Regulators have significantly strengthened HIPAA rules to address rising cybersecurity threats and privacy […]

Forging Trust: Stakeholder Buy-In on Compliance

This article is an amended chapter from ‘Forging Trust’, our comprehensive guide to compliance-as-a-service (CAAS) for MSPs and SMBs, which will be rereleased in 2025 with added compliance guidance, info, and insights! Be sure to sign up for the companion newsletter for publishing updates and risk management news!

Achieving compliance success hinges on more […]

From Tech Support to Compliance Pro

How MSPs Can Meet Growing Client Demand for Compliance Services

Managed Service Providers (MSPs) are facing a significant shift in client expectations. What began as requests for technical support and infrastructure management has evolved into demands for comprehensive compliance solutions. Many MSPs find themselves unprepared for this transition, lacking the specialized knowledge and tools needed […]