May 2026 edition of CloudWave Connections
Hi friend,
An update to the proposed HIPAA Security Rule is expected to be announced any day now. Although these changes can seem daunting, these new requirements can be viewed positively. Soon, the entire industry will have a forward-looking, clearer, and consistent target to aim for.
Keep in mind that although this is a shift in cybersecurity expectations, this is a healthy evolution for healthcare. The proposed rules aren’t entirely new; they have been best practice for some time. We all know that protecting the systems, people, and clinical workflows that allow care to continue when it matters most goes beyond delivering a service. It impacts individuals, families, and communities.
If mandated, the ability to restore all patient-sensitive data within 72 hours of a cybersecurity incident will be necessary, and organizations will be at different stages of readiness, which is completely normal.
Organizations also don’t need to wait for the final rule to begin making progress. Early progress is far easier and less stressful than waiting until the deadline approaches.
You can’t do everything at once, so consider conducting an impact assessment. This can turn a complex regulatory update into a practical roadmap that will provide a manageable path forward.
We know that every organization is on its own journey, and community and rural hospitals have their own challenges.
For those of you who have been preparing, we commend you. For those still building toward readiness, CloudWave is here to help. Together, we have an opportunity to make healthcare more secure, more resilient, and better prepared to serve the communities that depend on us.
Read the Blog:
The HIPAA Security Rule Update Is Coming: From “Trust Us” to “Show Us”
Mike Donahue
Chief Operating Officer
CloudWave WEBINAR: June 3 at 2:00PM
MUSE 2026 in Chicago
Last week, CloudWave headed to the Windy City to exhibit and present at this year’s MUSE conference. After four years at a Dallas or Denver Gaylord resort, attendees enjoyed a change of scenery at the Hyatt Regency on East Wacker Drive, where they had a view of the river and decent temperatures for a quick stroll around the city.
Customer Appreciation Event at Wrigley Field
We enjoyed taking some of our favorite CIOs out to Wrigley to catch a Cubs game the night before the MUSE event. Although the weather cooperated, the Milwaukee Brewers did not, as they beat Chicago 5 to 2. Thanks to all of those who attended.
Threat Briefs for March
May 1
Four new campaigns are reported this week. The most critical is a confirmed Lynx ransomware attack on a U.S. regional hospital…
May 8
Three GTI-verified campaigns are reported this week, sourced from Google Threat Intelligence (GTI), CISA, and Palo Alto Networks Unit 42.
May 15
Three GTI-verified campaigns are reported this week, sourced from…
May 22
Two GTI-verified new campaigns are reported this week, sourced from Google Threat Intelligence (GTI) and CISA.
Read more in our Threat Intelligence Library
Many healthcare IT security leaders treat a tabletop exercise or incident response training like a static compliance requirement: it’s scheduled once a year, everyone shows up because they have to, and they leave feeling like they “checked the box.”
Join our Cybersecurity Insider Program
We’re excited to relaunch CloudWave’s Cybersecurity Insider Program (CIP) — your exclusive gateway to the latest healthcare IT security insights and resources.
Register today to get these exclusive benefits:
- On-Demand Learning Library
- Exclusive Member Offers
- Early Access to Specialized Content
- CIP Roundtables, Webinars, & Events
Customer Programs
Monthly Customer CIO Roundtables
Virtual | Join our monthly meetings to exchange ideas with your peers and hear from CloudWave experts on timely topics in Healthcare IT and cybersecurity
Events & Webinars
Oregon HIMSS | May 28 | DoubleTree Lloyd Center | Portland, OR
NE HIMSS Annual Conference | June 4 | Four Points by Sheraton | Norwood, MA
NHA Rural Health Conference | June 8-10 | Younes Conference Ctr | North Kearney, NE
Montana Frontier Conference | June 10-11 | DoubleTree by Hilton Hotel | Billings, MT
e-Health Conference | June 14-16 | Halifax Convention Ctr | Halifax, Nova Scotia
Product & Platform Updates
- Expanded CloudCare Support: Managed Patching is now available. Details →
- EDR Powered by SentinelOne: Simplify endpoint protection and visibility. Read More →
- Advance Authorization: Change order management made easy. Reach out to Customer Success to learn more→
- BlueOrange Compliance Elevates Cybersecurity with NIST CSF 2.0: Healthcare organizations continue to face rising cyber threats, tighter regulatory scrutiny, and increasing operational pressure. In this environment, a strong, future-ready cybersecurity and compliance posture is essential. That’s why BlueOrange Compliance is proud to announce our transition to the NIST Cybersecurity Framework (CSF) 2.0, fully integrated with NIST SP 800-53 Rev. 5 and NIST SP 800-66 Rev. 2. This upgrade replaces our previous assessment approach rooted in 800-53 Rev. 4 and 800-66 Rev. 1, offering a more comprehensive, modernized, and aligned path to security and HIPAA compliance. Read More →
Resources & Insights
- Recent Blogs – Expert perspectives on data protection, cybersecurity, compliance,and cloud strategy.
- Endpoint Detection & Response Digital Hub – Access resource guides, webinar recordings, blogs, and best practices.
- Tell Your Story – Help other healthcare organizations by sharing how you’ve overcome your technical and security challenges. Email Us →
Thank you for being part of our CloudWave customer community. We’re proud to support your mission to keep healthcare safe, connected, and resilient.
Stay tuned for next month’s issue!
— The CloudWave Team