Recently, the Government Accountability Office (GAO) reviewed the U.S. Department of Health and Human Services’ (HHS) security and privacy oversight and identified significant gaps in the cybersecurity guidance provided by HHS to entities regulated by HIPAA. The report’s primary criticism emphasized that though HHS prepared a crosswalk with the National Institute of Standards and Technology … Continue Reading