KnowBe4 launched a new version of its Compliance Audit Readiness Assessment that now covers select requirements for the Health Insurance Portability and Accountability Act Security Rule to address healthcare privacy requirements. Healthcare organizations around the world continue to inadequately protect sensitive protected health information. Between 2009 and 2021, 4,419 healthcare data breaches of 500 or more records have been reported to the U.S. Health and Human Services' Office for Civil Rights.

Those breaches have resulted in the loss, theft, exposure or impermissible disclosure of 314,063,186 healthcare records. CARA is a complimentary, web-based tool that helps organizations assess their readiness for meeting compliance requirements. With this new version, IT and security professionals are guided through specific select requirements from the Health Insurance Portability and Accountability Act Security Rule outlined by HHS.

CARA asks security professionals to rate their readiness for each requirement and then provides an analysis of the results to help them define the controls they need in place before a compliance audit. The HIPAA Security Rule contains the standards to safeguard and protect electronically created, accessed, processed or stored PHI. The rule applies to any organization or system that has access to confidential patient data.