What Are the Proposed Rule Changes to HIPAA Coming in 2023?

In response to changes in the medical industry due to COVID-19, the Department of Health and Human Services (HHS) and the Substance Abuse and Mental Health Services Administration (SAMHSA) have put forth a Notice of Proposed Rulemaking to streamline how doctors can access mental health information.

This article will discuss this rule change and why it seeks to address the gaps between HIPAA disclosure and mental health information protections.

 

CMMC 2.0, NIST, and Risk Management

Cyber threats continue to grow in complexity and sophistication. To address this evolution, the Department of Defense has introduced the Cybersecurity Maturity Model Certification (CMMC) 2.0 to ensure that defense contractors maintain robust cybersecurity practices to protect Controlled Unclassified Information (CUI). 

To address one of the most important processes in modern security (risk management), CMMC 2.0 includes some risk assessment requirements. 

This article will explore risk management’s vital role in achieving CMMC 2.0 compliance and its connection to the National Institute of Standards and Technology (NIST) guidelines, specifically NIST SP 800-171. We will delve into the various control families of NIST 800-171 and 800-172, their impact on risk management, and the steps organizations can take to address potential risks effectively.

Lazarus Alliance Receives C3PAO Designation: A CMMC 2.0 Primer

In an era where cyber threats are constantly evolving, the importance of robust cybersecurity practices in the Department of War (DoW) supply chain should never be underestimated. The DoD relies on a vast network of defense contractors to support its mission, which makes protecting sensitive information in the supply chain a critical concern. In response to this need, the DoD introduced the Cybersecurity Maturity Model Certification (CMMC) as a comprehensive framework to enhance the security posture of defense contractors and minimize the risk of cyber threats and data breaches.

The original CMMC framework, while effective, raised concerns among industry stakeholders, particularly regarding its accessibility for small and medium-sized businesses that work with the DoD. As a result, the DoD revised and updated the framework, introducing CMMC 2.0 to address these concerns and streamline the certification process. 

We’re discussing this critical security framework to mark Lazarus Alliance receiving its CMMC Third-Party Assessment Organization (C3PAO) accreditation. This article will provide an in-depth look at the key changes introduced in CMMC 2.0, how defense contractors can benefit from the updated framework, and guidance on preparing for CMMC 2.0 certification.

 
