Drummond’s Comprehensive Healthcare Risk Assessment (CHRA) goes beyond mere compliance checks, offering a strategic approach to risk management that fortifies organizations against a broad spectrum of threats.
Ensuring that your vendors maintain robust data handling practices can protect your organization from significant financial, legal, and reputational risks. By prioritizing transparency, compliance, and secure development practices, businesses can safeguard sensitive information, maintain customer trust, and achieve long-term success.
Minimum Acceptable Risk Standards for Exchanges (MARS-E) is a set of guidelines developed to help secure sensitive data within health exchanges. Established and overseen by the Centers for Medicare & Medicaid Services (CMS), these standards protect personally identifiable information (PII) and other sensitive data used in state and federal health insurance marketplaces. Compliance with MARS-E is not only a regulatory requirement but also a vital component in maintaining the security and privacy of health information.
Charged with overseeing adherence to the Health Insurance Portability and Accountability Act (HIPAA), the Privacy Officer plays a pivotal role in safeguarding sensitive patient medical information. Their responsibilities encompass various tasks, from developing and implementing privacy policies and procedures to conducting risk assessments, ensuring workforce training and staying updated on changing regulations and technologies
Organizations should view a gap analysis as a checkup of sorts, providing a detailed preview of what aspects of their PCI framework need to be improved before committing to the rigor of a PCI assessment. By conducting a gap analysis, organizations can identify and rectify potential compliance gaps and ensure a robust security posture that can help them save time and money throughout the PCI assessment process.
Protect your organization with Drummond’s comprehensive CFR 21 Part 11 compliance audits. Our expert auditors ensure your electronic records meet FDA standards, safeguarding your compliance and reputation.
The healthcare technology industry is facing an increasingly complex array of cybersecurity threats. Protecting sensitive health information has become an all-consuming requirement driven by the rise in cyber threats and stringent regulatory requirements. For EHR developers and their users, implementing comprehensive risk assessments and proactive threat identification strategies is essential to ensure the integrity and security of patient data.
A leading healthcare technology & business solutions company was recently targeted by a notorious ransomware group, resulting in the group demanding a significant ransom to
Over the last several years, artificial intelligence has become increasingly integrated into many facets of human life, making it more important than ever to ensure
3622 Lyckan Parkway, Suite #3003
Durham, NC 27707 USA
© 2025 Drummond Group, LLC. All rights reserved. All brand names and trademarked logos used on this website are for identification purposes only and are the property of their respective owners. Their inclusion here does not imply endorsement, sponsorship, or affiliation with Drummond. All content, including text, images, graphics, and other materials, is protected by copyright law and may not be reproduced, distributed, or transmitted without prior written permission from Drummond Group, LLC.
DISCLAIMER: The services offered by Drummond Advisory Services are separate and distinct from the Drummond Group Test Lab and Certification Body. The purpose of Drummond Advisory Services is to provide expert support and guidance for the planning, analysis, and execution of certification activities; it does not negate the steps or required actions of the certification process. Use of Drummond Advisory Services does not guarantee successful ONC Health IT testing or certification.
