Blog Posts Tagged with "Regulation"
Healthcare Data and the (Private) Social Network
May 10, 2012 Added by:Danny Lieberman
Previously, we talked about the roles that trust, security and privacy play in online healthcare interactions. In this post we look at privacy challenges in social networks and describes how you can implement a private healthcare social network for without government regulation...
Comments (0)
Legislation Would Stick Business with Cyberwar Costs
May 08, 2012 Added by:Headlines
"The legally mandated role of the government is to provide for the common defense, and they're willing to spend pretty much whatever it takes... If you're in a private organization, your legally mandated responsibility is to maximize shareholder value. You can't spend just anything..."
Comments (2)
CISPA: The Devil is in the Details
May 08, 2012 Added by:Michelle Valdez
The problem with CISPA involves all the information added under one of the approved amendments. The vagueness about what information can be shared has caused most of the concern – especially that catch all category of “to protect the national security of the United States”...
Comments (2)
Cybersecurity Risks in Public Companies: An Infographic
May 07, 2012 Added by:Fergal Glynn
Following new SEC guidance issued relating to disclosure of security risks in company filings, public companies are beginning to be measured by regulators and investors on the strength of their security solution and ability to protect intellectual property and customer data...
Comments (1)
Healthcare Data: I Trust You to Keep this Private
May 04, 2012 Added by:Danny Lieberman
In this article, Danny Lieberman talks about the roles that trust, security and privacy play in online healthcare interactions. At the end of the article, he introduces the idea of private social networking for healthcare – leaving the piece open for a sequel...
Comments (0)
Remember Public Cellular Networks in Smart Meter Adoption
April 26, 2012 Added by:Brent Huston
ICS/SCADA owners must strive to clearly identify their needs around cellular technologies, clearly demarcate the requirements for private/segmented/public cellular network use and understand the benefits/issues and threats of what they are utilizing...
Comments (0)
Four Steps to Follow when Your Credit Card is Compromised
April 24, 2012 Added by:Christopher Burgess
Certification of compliance demonstrates that at that given point of time the entity was in adherence to the PCI standards. The threat landscape is dynamic and ever changing requiring those entrusted with our data to take steps beyond compliance to protect that data...
Comments (0)
FTC Final Report Provides Meaningful Protection Online
April 22, 2012 Added by:Electronic Frontier Foundation
Recently, the FT) released a final report on digital consumer privacy after more than 450 companies, advocacy groups and individuals commented on the December 2010 draft. The final report creates strong guidelines for protecting consumer privacy choices in the online world...
Comments (0)
FTC Commission Report on Protecting Consumers
April 17, 2012 Added by:David Navetta
The FTC has a front and center role in data privacy and enforcement. We have written extensively about the FTC’s actions and recommendations. How is the final Framework different from the draft Framework and what should your privacy professionals be taking away from the Framework?
Comments (0)
Data Breach Definitions, Costs and Security
April 12, 2012 Added by:Fergal Glynn
Companies that suffer a data breach lose more than just confidential information. Their reputation, productivity, and profitability can all be negatively impacted in the aftermath of even a single incident. The organization may face fines, civil or criminal prosecution...
Comments (0)
Data Classification: Why it is Important for Information Security
April 03, 2012 Added by:Christopher Rodgers
Once you know which data needs the most protection, you can properly allocate funds and resources to defend those assets. Employing a proper data classification scheme is cost effective, as it allows a business to focus on protecting its higher risk data assets...
Comments (0)
FTC to Link Do-Not-Track and Big Data Concerns
April 03, 2012 Added by:David Navetta
The FTC sees a greater threat to consumers in third-party data collection because of lack of notice, choice and transparency in the practices of data collectors. But the challenge is understanding where to draw the line between “first party” and “third party” practices...
Comments (0)
Cloud Security and the Enterprise
March 30, 2012 Added by:Ben Kepes
We need to ensure that legislation and regulations for cloud services truly reflect the realities of the cloudy world we live in and do not allow for a shotgun approach to compliance that primarily meets the needs of just one powerful interest group...
Comments (0)
Is a W-2 Considered PHI Under HIPAA?
March 26, 2012 Added by:Rebecca Herold
The question was framed as meaning the entire W-2 form was being “submitted” for financial assistance to pay for healthcare, so with this in mind, we will consider it as one document containing several information items that are necessarily grouped together...
Comments (0)
Transborder Data Flows at Risk
March 22, 2012 Added by:David Navetta
The proliferation of comprehensive data privacy laws, more or less on the European model, increasingly requires US-based multinationals and online companies to adapt to strict requirements for dealing with individuals in other countries...
Comments (0)
A Seat at the Table: Compliance in the Contract Tender Process
March 22, 2012 Added by:Thomas Fox
A mature compliance program can be a great benefit for a company, not only in evaluating risk from the compliance perspective but also preparing the necessary steps so that if a contact is awarded, it can be executed in an efficient manner. But it must have a seat at the table...
Comments (0)
- Not Totally Sure What Just Happened...
- Has Anonymous Infiltrated the US Government?
- Big Opportunities in the Cloud
- Zeus Malware Targeting Facebook, Gmail and Yahoo Users
- Follow Up to the Out of Band Authentication Post
- Skype Malware Campaign Spreading Poison Ivy Trojan
- I Hope Edo is Worth the Privacy Risk
- Dutch MoD Innovation Competition 2012: CYBER Operations 2.0
- NIST Workshop: The Technical Aspects of Botnets
- Security Automation by Hand - Batch/Bash/FOR