BARR Advisory, P.A.

06/05/2026

AI can magnify your organization’s existing risks—especially when it comes to data access and security. 🔎

A strong risk management foundation is essential to prevent your AI tools from becoming your weakest link. 🔗

From access controls to employee training, here are the key areas you should focus on to stay protected: https://hubs.ly/Q04hkNLW0

06/04/2026

HIPAA compliance isn’t a one-time checklist—it’s the foundation of protecting patient data and building trust. 🔒

Whether you're a healthcare provider, health plan, or business associate, understanding where PHI lives, assessing risk, and implementing the right safeguards are critical first steps.

Learn how to build a strong HIPAA compliance foundation and strengthen your security posture: https://hubs.li/Q04k2YgC0.

Explore the evolution of HIPAA, key security and privacy requirements, who must comply, and the steps organizations can take to strengthen compliance and reduce risk.

06/03/2026

🗣️ "The governance programs don’t start first and then the tech comes. It’s the tech comes and the governance follows. That’s why risk management is so important."

How should AI should impact your GRC strategy? We recently teamed up with C1 to share tips and insights. 👉 Read the full recap of our webinar here: https://hubs.li/Q04hlQrC0

👉 Watch now on-demand: https://hubs.li/Q04hlP3M0

06/03/2026

Here’s a hard truth for e-commerce vendors: You need to know about every script that is running on your payment page. 🔍

PCI DSS 6.4.3 requires you to maintain an inventory of all scripts and ensure they are authorized before they are loaded. But many organizations struggle to track third-party scripts that load dynamically.

If you allow a script without understanding its necessity, you—and your customers—are at risk.

📍 Get tips on managing your script inventory on our blog: https://hubs.li/Q04hk__x0

06/02/2026

Big news from BARR Advisory: We are officially a CMMC Third-Party Assessor Organization (C3PAO)! 🛡️

As a C3PAO, BARR is authorized to perform formal certification assessments for organizations pursuing CMMC Level 2 compliance. This designation allows us to help defense contractors and suppliers navigate the complexities of CMMC with confidence.

“Achieving CMMC compliance not only opens doors to new defense contracting opportunities, but it also provides a strong foundation for managing risk and protecting sensitive data,” said Cameron Kline, BARR’s practice leader of attest services.

We’re proud to be part of an elite group of firms eligible to perform attestations against all of the leading cybersecurity frameworks, including SOC 2, ISO 27001, HITRUST, PCI DSS—and now, CMMC.

🗞️ Read the full announcement here: https://hubs.li/Q04jz75y0

06/01/2026

Happy Pride Month! 🏳️‍🌈 During June and throughout the year, BARR Advisory is proud to champion inclusion in tech.

“Leading with inclusion is the foundation of everything we do at BARR,” said Lauren Hannawald, Learning and Organizational Development Manager at BARR. “When we all have the freedom to be our whole selves, we are one step closer to a more inclusive world.”

Learn more about how we promote diversity and inclusion in the workplace: https://hubs.li/Q04h8mPx0

06/01/2026

The NE HIMSS Spring Conference is just days away! 🌼 Our team will be in attendance to connect with leaders in healthcare and technology.

Will we see you there? 👀

Be sure to stop by Booth 12 to see BARR’s Cameron Kline and Steve Ryan, or set up a time to meet with us so we don’t miss you: https://hubs.li/Q04d-G0q0

05/28/2026

Big changes are coming to the HIPAA Security Rule. 🚨

For the first time in more than a decade, a major update is expected to introduce stricter cybersecurity requirements, including mandatory MFA, annual pe*******on testing, and routine vulnerability scanning.

For many, these changes simply formalize what is already considered industry standard. Others may need to prepare for a big shift in their GRC practices. 🛠️

Here's what you need to know before these changes take effect: https://hubs.li/Q04d-PQm0

05/28/2026

Our consulting team has pulled together five must-read news stories for cybersecurity professionals this month. 🗞️

Find out what they've been reading in May's edition of Take5️⃣: https://hubs.li/Q04hhR2t0

05/27/2026

For healthcare organizations, safeguarding sensitive data isn’t just a technical responsibility—it is a business imperative.

But how do you know where to start—or where to go next? 🧭

We’ve published a comprehensive guide for every stage of your compliance journey. Download now for free—no log-in required: https://hubs.ly/Q04hkT120