HIPAA

6d117b57d55f63febe392e40a478011f

U.S. Intelligence Agencies Say Healthcare.gov May be Compromised

February 04, 2014 Added by:Anthony M. Freed

U.S. intelligence agencies warned the Department of Health and Human Services that the Healthcare.gov may have been compromised by contractors from Belarus who worked on developing code for the network who are suspected of inserting malicious code.

Comments  (1)

C787d4daae33f0e155e00c614f07b0ee

The Perils of Combining Security and Compliance

January 27, 2014 Added by:Robb Reck

There is a natural tendency to lump security and compliance together. Intuitively it just makes sense right? The biggest compliance frameworks like PCI, GLBA, SOX and HIPAA are all looking to ensure that our security is up to snuff. In fact, if we do security right, compliance should come naturally, with very little additional technical work.

Comments  (0)

6d117b57d55f63febe392e40a478011f

House Subcommittee Passes Legislation to Protect Critical Infrastructure

January 21, 2014 Added by:Anthony M. Freed

The House of Representatives Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies has passed a bill to bolster provisions to protect the nation’s critical infrastructure, moving it one step closure to full consideration.

Comments  (0)

59d9b46aa00c70238bb89056cfeb96c0

Lessons from a Soccer Manager for the Compliance Practitioner

January 21, 2014 Added by:Thomas Fox

Compliance leadership can take many forms and inspiration can come from many different sources.

Comments  (0)

54b393d8c5ad38d03c46d060fa365773

Security Advisor Alliance, A Nonprofit of Elite CISOs giving back to the community.

November 12, 2013 Added by:Jason Clark

Security Advisor Alliance is a nonprofit group of Top security leaders from the Global 1000 who have come together to donate time each week to help our peers in any area of security as a pro-bono service.

Comments  (0)

Ae27d21943468124221937d59167fff8

The Ethics of Monitoring Your Employees

September 03, 2013 Added by:Edwin Covert

As the GAO report makes clear, organizations are well within their legal rights to monitor employee activity online when using organization information technology resources.

Comments  (1)

Ee445365f5f87ac6a6017afd9411a04a

What Magneto's Helmet and Non-ICFR SSAE 16 Controls have in Common

July 04, 2013 Added by:Jon Long

Recently I have had opportunities to observe several auditors defend why they believe the controls contained in their client's SSAE 16 reports are relevant to internal controls over financial reporting (ICFR).

Comments  (0)

483d57221cc733958be20869f1c7e400

HIPAA in Public Cloud: The Rules Have Been Set

July 03, 2013 Added by:Phil Cox

On January 25, 2013, the U.S. Department of Health and Human Services (HHS) released the Omnibus Rule, which finalized all the former interim rules for Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health (HITECH) compliance.

Comments  (0)

369dec31d888693bba6b6e0f39c14ce3

Healthcare Interrupted - Top Five Vulnerabilities Hackers Can Use Right Now To Shut Down Medical Devices

June 24, 2013 Added by:Matt Neely

By performing penetration tests on hospital networks and medical devices, security researchers have found that many commonly used devices are insecure and can be easily compromised.

Comments  (0)

65c1700fde3e9a94cc060a7e3777287c

Identity & Access Management: Give Me a REST

June 19, 2013 Added by:Simon Moffatt

RESTful architectures have been the general buzz of websites for the last few years. The simplicity, scalability and statelessness of this approach to client-server communications has been adopted by many of the top social sites such as Twitter and Facebook. Why? Well, in their specific cases, developer adoption is a huge priority.

Comments  (0)

Ee445365f5f87ac6a6017afd9411a04a

Irregardless, Begs the Question, and SSAE 16 Certified

June 04, 2013 Added by:Jon Long

"Irregardless" is not a word, and is not a substitute for irrespective or regardless. "Begging the question" is a logical fallacy, not a substitute for "...which raises the question...", and there is no such thing as an "SSAE 16 certification".

Comments  (0)

6d117b57d55f63febe392e40a478011f

The Year of the Security Standard

May 09, 2013 Added by:Anthony M. Freed

Often in the security field we hear the question asked, “Who’s watching the watchers?” It occurred to me recently that one might make a similar rhetorical quip about other aspects of our field – in particular, the question of “Who’s standardizing the standards?”

Comments  (0)

D2b743b9ed2d7c357472fa8237d7adaf

Using Least Privilege to Effectively Meet PCI DSS Compliance

April 25, 2013 Added by:Andrew Avanessian

PCI DSS Requirement guidelines certainly reinforce how compliance has hardened from suggestive or advisory directives to true mandates with hefty fines and strict consequences for those failing to take heed.

Comments  (0)

E595c1d49bf4a26f8e14ce59812af80e

Conducting Secure Transactions On-the-go with VPNs

March 20, 2013 Added by:Patrick Oliver Graf

The safeguarding of private customer information has become a top priority for many organizations, thanks in no small part to government regulation and industry oversight, as we move toward an increasingly digital world.

Comments  (0)

959779642e6e758563e80b5d83150a9f

Celebrity Privacy Breaches and High School Physics

February 01, 2013 Added by:Danny Lieberman

In our previous post on patient privacy, we noted that patient data loss is a lot like planes disappearing in the Bermuda Triangle – no one really knows where the planes disappeared to, since the people on the planes never return to tell the story...

Comments  (0)

959779642e6e758563e80b5d83150a9f

Fly First Class But Pay Economy for HIPAA Compliance

January 22, 2013 Added by:Danny Lieberman

After the sanity check with the team that constructed the threat scenarios, you and your HIPAA consultant need to calculate your Value at Risk. Calculating VaR will help shed light on where to save money and where to spend money...

Comments  (0)

Page « < 2 - 3 - 4 - 5 - 6 > »