Talk to a Security Expert Now: (800) 721-9177

Resources & Downloads

Independent security research, articles, whitepapers, and guides from the leaders in cyber security and penetration testing.

The 2016 Breach Report is Here!

With special pride, CynergisTek releases Redspin’s 7th annual Breach Report: Protected Health Information (PHI). Our experts assess the overall effectiveness of the current policies and controls intended to safeguard PHI. We identify significant new trends and highlight areas where improvements are most needed. Most importantly, we offer useful and practical recommendations based on real-world experience.

Our goal is to help the healthcare industry continually improve its ability to protect patient information. We hope this year’s report makes an important contribution.



Security Reports & Guides Download

  • 2016-breach-report-redspin-cynergistek

    Healthcare, Security Report

    BREACH REPORT 2016: Protected Health Information

    With special pride, CynergisTek releases Redspin's 7th annual Breach Report: Protected Health Information (PHI). Our experts assess the overall effectiveness of the current policies and controls

  • Redspin-2015-Breach-Report-Protected-Health-Information-PHI-Thumbnail

    Healthcare, Security Report

    BREACH REPORT 2015: Protected Health Information

    The HITECH Act mandates that large breaches of protected health information (PHI) totaling 500 records or more must be reported on a timely basis to the Office of Civil Rights (OCR) under the

  • Redspin IT Security Report


    Does Your Company Have a Mobile Security Policy?

    An emerging risk is the increased use of portable devices in the enterprise. How are you allowing mobile device secure access your sensitive information resources? Use our 'Redspin Sample Mobile

  • Redspin IT Security Report

    Checklists, Healthcare, HIPAA

    Are Your Healthcare Business Associates Compliant with the HIPAA Security Rule?

    Under the HITECH Act Section 13401(a), Business Associates need to comply with the administrative, physical and technical requirements of the HIPAA Security

  • 2015-redspin-security-program-development-framework


    Security Program Development Methodology

    The objective of this methodology is to support organizations with the ability to implement a prescriptive model for building a healthcare security program. Much of this approach is derived from our

  • 2015-redspin-risk-management-program-whitepaper

    Security Report

    Best Practices in Healthcare Risk Management

    More and more hospitals and healthcare providers are struggling to fully understand the security risks present in their environment. That’s not surprising given the challenges they face:

  • 2015-redspin-business-associate-framework


    Business Associate Management Framework

    The management of business associates (ba) is a critical activity for any healthcare organization. This methodology presents the elements that an organization must have to successfully manage all

  • redspin-2015-cloud-security-spotlight-report

    Security Report

    2015 Cloud Security Spotlight Report

    Cloud computing has become a part of nearly every CIO’s strategy. Yet IT security remains the biggest perceived barrier to further cloud initiatives. To help our clients better understand the risks

  • redspin-2014-breach-report-protected-health-information-phi

    Security Report

    BREACH REPORT 2014: Protected Health Information (PHI)

    As of December 31, 2014, a total of 1,170 large breaches of PHI affecting 40.8 million patients had been reported since HITECH went into effect in 2009. Last year alone, nearly 9 million heath

  • wp-redspin-mapping-application-security-to-business-value


    Mapping Application Security To Business Value

    This white paper outlines considerations and recommendations for reducing business risk by ensuring that your web applications are secure. Our goal is to present information that will be helpful not

  • redspin-before-the-breach-why-penetration-testing-is-critical-to-healthcare-it-security

    Security Report

    BEFORE THE BREACH: Why Penetration Testing is Critical to Healthcare IT Security

    Healthcare IT has dramatically changed over the past few years. With rapid change comes increased IT security risks, yet healthcare spending on IT security is roughly one-fifth of that of comparable

  • redspin-what-healthcare-ceos-need-to-know-about-it-security-risk

    Security Report

    What Healthcare CEO's Need to Know about IT Security Risk

    Today’s healthcare CEOs are presiding over the most dynamic period in the history of the industry. At the epicenter of this transformative change is the migration to electronic health records (EHR)

  • redspin-2013-breach-report-protected-health-information-phi

    Security Report

    BREACH REPORT 2013: Protected Health Information (PHI)

    A total of 804 large breaches of protected health information (PHI) affecting over 29.2 million patient records have been reported to the Secretary of Health and Human Services (HHS) since the August

  • redspin-2012-breach-report-protected-health-information-phi

    Security Report

    BREACH REPORT 2012: Protected Health Information (PHI)

    A total of 538 large breaches of protected health information (PHI) affecting over 21.4 million patient records have been reported to the Secretary of Health and Human Services (HHS) since the August

  • wp-redspin-what-you-need-to-know-hipaa-hitech-omnibus-rule

    Healthcare, HIPAA

    The Facts About HIPAA, HITECH, and the Omnibus Rule — What You Need to Know

    The healthcare industry is rapidly moving towards increasing use of electronic health records (EHR) and other information systems to provide health information to doctors and patients, pay claims,

  • redspin-2011-breach-report-protected-health-information-phi

    Security Report

    BREACH REPORT 2011: Protected Health Information (PHI)

    Breaches of protected health information (PHI) have reached epidemic proportions. While the Federal government regularly reports on the total number of breaches (385) and individuals affected (19

  • redspin-penetration-testing-what-you-need-to-know


    Penetration Testing – What You Need to Know

    So you think you need to do penetration testing? Before you embark on testing, it's important to understand exactly how penetration testing fits into your information security

  • redspin-8-questions-to-ask-your-it-security-auditor

    Checklists, Healthcare

    8 Questions to Ask Your Security Auditor

    At Redspin, we believe that every organization responsible for maintaining the privacy and security of sensitive data should invest in an independent review of their IT security. How should you

  • redspin-2010-breach-report-protected-health-information-phi

    Security Report

    BREACH REPORT 2010: Protected Health Information (PHI)

    A total of 225 breaches of protected health information affecting 6,067,751 individuals have been recorded since the interim final breach notification regulation was issued in August

  • wp-redspin-healthcare-security-privacy-business-step-by-step-guide

    Healthcare, HIPAA

    Ensuring Security, Privacy, and Compliance While creating Value with Healthcare IT

    A step by step approach to meeting security, privacy, and compliance goals through a focus on value creation. Spiraling costs and a lack of global competitiveness are often cited as major problems