We built training into Slack as a means of delivering content within the flow of work. The next iteration of Haekka training will be event-driven (EVDT). While Haekka and EVDT can be used as the sole security awareness training vendor, it can also succeed as a companion to existing vendors.

This covers 5 cybersecurity practices all remote workers should follow. Remote work enables employees and companies to operate more efficiently, but also introduces new data security risks. The new way of working has made security everyone's concern, so all employees should always remain vigilant.

A blog post explaining what companies that use Slack to store, discuss, or transmit protected health information should and should not do. It includes tips for securing Slack and explains what practices Slack has prohibited.

This is a blog post detailing the top 5 challenges companies trying to maintain HIPAA compliance face in 2022. The world has changed a lot in the past two years and there are many new areas where organizations need to protect their data as compared to the past.

A blog post summarizing important steps organizations must take to make their Slack workspace HIPAA compliant. Many companies working in healthcare are using Slack to improve their efficiency, but using Slack to create, store, or transmit PHI requires additional security layers.

With new features like web-based training, improved ways to engage staff on a recurring basis, new HRIS integrations, performance improvements, and more, Haekka 2 is built to meet the training needs of modern, remote companies!

This is a blog post about the 5 best Slack apps for security and compliance. Slack apps are can be extremely useful when leveraged properly, and security is one operation that Slack apps make more efficient. These apps each serve a different purpose and can be used in conjunction with one another.

This blog post explains what social engineering is, gives common forms of social engineering attacks, and offers five ways to prevent social engineering attacks. This post was published during data privacy week to help people keep themselves and their organizations safe.

A brief guide for understanding HIPAA violations. This post covers what constitutes a HIPAA violation, how to report HIPAA violations, and how to prevent violations by creating an effective compliance program. It also puts an emphasis on effective employee training for compliance efforts.

Phishing attacks are one of the most common forms of attack against employees. In a world full of remote workers, communications over email have never been more important or more integrated into work. How can you train remote employees on these dynamic and continuous attacks? Learn how in this post.

The past two years have seen a record number of healthcare startups. As we continue to progress into the new year, we want to showcase 9 startups we believe will disrupt healthcare in 2022. These companies have smart teams, amazing products, and are ready to change the world!

Healthcare data is extremely sensitive. And, HIPAA requires some form of security training under section. Despite that, data from Osterman Research found that a whopping 24% of healthcare workers were not offered security awareness training at their workplace!

If you find yourself on the website for a company in the healthcare industry, you may notice a badge showcasing that the organization is “HIPAA Certified”. Seeing these badges can be confusing since there is no official HIPAA certification.

The shift to digital healthcare has created many challenges around identifying protected health information (PHI) and and ensuring PHI is utilized in a compliant manner. Keeping up with changing regulations and technology can be difficult, but this post sheds light on the various aspects of PHI.

How long do you need to retain medical records under HIPAA? HIPAA defines what data needs to be kept but it is not the data that most people think of when they think about HIPAA. In this article we detail what HIPAA requires in terms of retaining medical records.

HITRUST is not a small investment. HITRUST takes considerable time and money. HITRUST should be viewed as an investment. An investment that will create an ROI only if leveraged over time and in a proactive way. In this post, we breakout the various ways we've seen companies get value from HITRUST.

With today's transition to remote work, the entire paradigm of employee learning changes. Onboarding remote employees and continually engaging them with relevant knowledge is harder now than every. Slack, the hub of communications for many companies, has many features perfectly suited to an LMS.

HITRUST, as a meta framework that normalizes and maps to various regulations, can be leveraged by companies to address requirements across the myriad of regulatory frameworks that exist today, making reporting more streamlined for companies that operate across industries and geographies.

Ever wonder how HITRUST works when you rely on partners, such as cloud providers and SaaS vendors, for various parts of your infrastructure? Third party risk is a major factor to consider when deciding what vendors you want to work with and how they impact your security and compliance posture.

We're often asked if Slack is HIPAA compliant — meaning is it a suitable place to store and transmit PHI. Because we're helping companies train their staff on both the HIPAA Privacy and Security rules, I felt it would be helpful to discuss the details of how best to use Slack in a HIPAA-compliant...

HITRUST scoring can be complicated and the details are best left to assessors and the CSF. The main goal of this post is to appreciate the various components that go into your overall score. With this, you can focus resources on areas with the most impact to help you achieve HITRUST Certification.

After you've determined that HITRUST is a framework to which you want to comply, the next step is to decide on the type of HITRUST assessment for your company. HITRUST offers 3 different types of assessments. The type of HITRUST assessment determines the level of assurance and external value.

HITRUST is an increasingly important and widely adopted security reporting framework. With an initial focus on healthcare, HITRUST has expanded to other verticals. In this first post in a series, we provide an introduction to HITRUST and an overview of the HITRUST Common Security Framework (CSF).

Your employees have the power to make or break your company’s success. While many companies reach for traditional training methods, upskilling, a new form of training, is often a better alternative. In this post we examine upskilling and how to effectively implement it at your company.

We officially launched on Product Hunt today! Go check it out and don’t be shy about showing us support or dropping comments. There’s an awesome demo from Ryan that shows the entire product experience. Why are we launching now vs a month ago or a month from now? We explain in this post.