Health Information Security/Privacy professionals should be familiar with the HIPAA Breach Notification Rule, which requires HIPAA covered entities (CEs) and their business associates (BAs) to provide notification to U.S. Department …
INFORMATION RISK
Next time you do a Risk Assessment or Analysis, make sure you have Risk Intelligence on board
I was prompted to write this quick post this morning when I read this article. I think it is a good example of what some (actually many, in my experience) …
Security Due Diligence For Microsoft 365 User Organizations
Co-written by Monica Meiterman-Rodriguez (Privacy Consultant) and Brian Ching (Information Security and Privacy Analyst) A majority of global enterprises are now using Microsoft 365 (“M365”) as their primary office application. …
Building the Privacy Balance Sheet in VC and PE Portfolios
By Rob McWilliams, Consultant – Tueoris In a global economy that is more reliant than ever on digital information, personal data is a high-value asset that carries corresponding risks. …
Is your auditor or consultant anything like the OPM OIG?
The OPM breach has been deservedly in the news for over a month now. Much has been written and said about it across the mainstream media and the internet1. …
This is how the Anthem breach could have been stopped, perhaps
It has been just over a week since the Anthem breach was made public. Over this period, the mainstream media and many of the bloggers and commentators, as usual, have …
Beware of Security Best Practices and Controls Frameworks
What could be possibly wrong with “Best Practices” or “Leading Practices” that your favorite security consultant might be talking about? Or for that matter, how could we go wrong if we used …
From A Security Or Compliance StandPoint…
It is probably safe to say that we security professionals hear the phrase in the title of this post rather frequently. For one, I heard it again earlier today from …
A Second Look At Our Risk Assessments?
I came across this Akamai Security Blog post recently which I thought was a useful and informative read overall. As I read through the blog post however, something caught my …