.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
HIPAA 2026 Security Rule Overhaul: Why the Stryker Attack Matters
by Kelly O’Brien on March 17, 2026 at 2:51 PM
On March 11, 2026, the Iran-aligned hacktivist group Handala launched a devastating cyberattack on Stryker Corporation, one of the largest medical device companies in the United States, framing it as retaliation for U.S.-Israeli military strikes that killed civilians in Iran. The atta …
HIPAA Updates for 2026: What Healthcare Organizations Need to Know
by Kelly O’Brien on February 11, 2026 at 5:13 PM
The healthcare industry is heading into one of its most significant regulatory shifts in over a decade. With proposed changes to both the HIPAA Security Rule and Privacy Rule expected to be finalized in 2026, organizations that handle electronic protected health information (ePHI) nee …
New Year, New AI Rules: What Healthcare Organizations Need to Do Now
by Bryan Chnowski on January 16, 2026 at 3:08 PM
Several new state laws took effect on January 1, 2026, that directly govern how artificial intelligence is used and disclosed in healthcare settings. States are moving faster than federal lawmakers, and they are placing practical requirements on organizations that develop, deploy, or …
HIPAA Compliance in 2025: What’s Changing & Why It Matters
by Kelly O’Brien on July 10, 2025 at 2:22 PM
Healthcare privacy is evolving rapidly, and 2025 is poised to be a year of significant developments. From how artificial intelligence is handled to increased scrutiny around reproductive health data, the boundaries of HIPAA compliance are expanding. This blog post highlights the most …
SOC 2 for Healthcare: A Compliment to HIPAA Compliance
by Bernard Gallagher on March 8, 2025 at 1:00 PM
In today’s digital healthcare landscape, protecting sensitive patient data is a top priority. Healthcare providers are tasked with safeguarding information in compliance with rigorous regulations such as the Health Insurance Portability and Accountability Act (HIPAA). However, achievi …
New York Implements Stricter Hospital Cybersecurity Regulations
by William DePalma on October 15, 2024 at 5:06 PM
On October 2, 2024, New York State implemented groundbreaking cybersecurity regulations specifically targeting the state’s general hospitals. These regulations are a significant step forward in safeguarding sensitive patient data and healthcare operations, marking a notable shift in h …