Compliance

0a8cae998f9c51e3b3c0ccbaddf521aa

Enterprise Resilience: Healthcare Edition (Part 1: Challenges)

October 21, 2012 Added by:Rafal Los

Organizations that make up the small to medium enterprise market are finding themselves in trouble as they are appearing on a lot of radar screens for attack, yet can't seem to find the resources they need to defend themselves adequately. Lots of challenges present around that point, to start off with...

Comments  (0)

959779642e6e758563e80b5d83150a9f

Using brainware to store patient data and ensure patient privacy

October 16, 2012 Added by:Danny Lieberman

If pharmaceutical companies can access data from patients, then they can design and manufacture better products. This is good for patient health but problematic for current regulation of patient privacy. There is no such thing as patient privacy once big commercial ventures like large pharmas get involved...

Comments  (0)

59d9b46aa00c70238bb89056cfeb96c0

James Bond at 50 – A Compliance Conversation in English and American

October 15, 2012 Added by:Thomas Fox

Maybe it’s just the difference in the two cultures; in the UK, they are trying figure out how and why compliance failures occurred and change the compliance culture so they can obey the law. In the US, businesses want to change the law so the conduct companies engage in will no longer violate the law...

Comments  (0)

F66c1a87a8db2cb584b4e06e93a84ce3

Online Banking: A Trust Opportunity to (Re)gain?

October 09, 2012 Added by:Mikko Jakonen

How come banks are telling people to maintain their security better, without putting their OWN reputation and capabilities in line with the DIRECT consequences of the change paradigm towards ‘webalized’ approach we have witnessed for years, has now resulted as poor operational security...

Comments  (0)

59d9b46aa00c70238bb89056cfeb96c0

CEO Hubris and Compliance Catastrophes

October 08, 2012 Added by:Thomas Fox

Even in this age of documenting, checking, measuring, stress testing and reassessing every conceivable type of risk, what is the one which is never tested? She believes that the answer is “the chief executive gets so high on power that he or she losses the plot...”

Comments  (0)

959779642e6e758563e80b5d83150a9f

Six Must-Do Items to Protect Patient Privacy

October 03, 2012 Added by:Danny Lieberman

In order to prevent breaches of patient privacy, we first need to establish baseline business requirements for the organization. There are 6 business requirements for preventing patient privacy breaches, these are “must items” for any healthcare business unit manager...

Comments  (0)

59d9b46aa00c70238bb89056cfeb96c0

Revising Your Code of Conduct: Don’t Wait

September 30, 2012 Added by:Thomas Fox

The backbone of the revision process is how your company captures, collaborates and preserves “all of the comments, notes, edits and decisions during the entire project," and you should assess “the best application to launch your Code and whether it includes a certification process..."

Comments  (0)

59d9b46aa00c70238bb89056cfeb96c0

The Face of Battle: Sir John Keegan and the Individual in Compliance

September 26, 2012 Added by:Thomas Fox

Compliance violation perpetrators will often grow the fraud in magnitude, sometimes increasing the number of participants. They will rarely cease on their own accord. This fits into Sir John’s analysis of the everyman of battle: What they did and how they did it...

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

Third Party Service Providers and PCI Compliance

September 25, 2012 Added by:PCI Guru

If a third party is providing your organization a service that has access to your cardholder data environment (CDE) or the third party could come into contact you’re your cardholder data (CHD), then that third party must ensure that the service complies with all relevant PCI requirements...

Comments  (3)

959779642e6e758563e80b5d83150a9f

Friends and Family Breach Patient Privacy, Not Estonian Hackers

September 17, 2012 Added by:Danny Lieberman

Humans being are naturally curious, sometimes vindictive and always worried when it comes to the health condition of friends and family. Being human, they will bend rules to get information and in the course of bending rules, breach patient privacy...

Comments  (0)

59d9b46aa00c70238bb89056cfeb96c0

Compliance and Company Values from the Ground Up

September 17, 2012 Added by:Thomas Fox

For the compliance practitioner sometimes the biggest challenge is not only to get senior management but the troops in the trenches to embrace compliance. Cathy Choi's story is a powerful lesson of one way to get those troops to buy into what the compliance department is selling...

Comments  (0)

59d9b46aa00c70238bb89056cfeb96c0

Internally Funding Your Compliance Program

September 11, 2012 Added by:Thomas Fox

Big banks are not doing too well these days in the compliance arena. From money-laundering operations for drug cartels to trading losses, big banks seem to be more in the news these days for compliance failures rather than successes...

Comments  (0)

59d9b46aa00c70238bb89056cfeb96c0

Leadership in the Compliance Department

September 05, 2012 Added by:Thomas Fox

While a leader can provide some insights based on experience, and perhaps give a different view, the employee who brought up the compliance issue will probably be more intimately involved with it. The employee may have thought through a resolution to the potential issue as well...

Comments  (0)

37d5f81e2277051bc17116221040d51c

Banks Should Promote EMV

September 04, 2012 Added by:Robert Siciliano

“EMV transactions require an authentic card validated either online by the issuer using a dynamic cryptogram or offline with the terminal... EMV transactions also create unique transaction data, so that any captured data cannot be used to execute new transactions...”

Comments  (0)

01ceb9281b3fb3dbb90c3efbe327717e

eVoting Gets Real

September 03, 2012 Added by:Alan Woodward

Having written about the characteristics of reliable e-voting systems in Scientific American recently it is interesting to see that officials are now working hard to implement it.

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

Pre-Authorization Data: The Definitive Answer

September 03, 2012 Added by:PCI Guru

Just to be clear, I have never argued that pre-authorization data was not to be secured with the same diligence as post-authorization data. I just could not find anything in the PCI DSS that explicitly called out the coverage of pre-authorization data.

Comments  (0)

Page « < 3 - 4 - 5 - 6 - 7 > »