By Shawna Doran, Senior Manager, Tueoris, LLC and Dan Goldstein, Partner, Tueoris LLC In the run-up to May 25, 2018, many businesses that thought they were well-prepared to meet their …
COMPLIANCE
Alternatives to Consent: New Approaches to Processing Patient Data for Current and Future Clinical Research
Introduction Pharmaceutical and biotech companies sponsoring clinical research have traditionally relied on patient consent as the legal basis for processing personal data, sensitive personal data and biologic material for …
Is your auditor or consultant anything like the OPM OIG?
The OPM breach has been deservedly in the news for over a month now. Much has been written and said about it across the mainstream media and the internet1. …
Patient Portals Make or Break
Like many other Health IT initiatives today, the primary driver for patient portals is regulatory in nature. Specifically, it is the Meaningful Use requirements related to view, download or transmit and …
Hello PCI SSC… Can we rethink?
This is a detailed follow-up to the quick post I wrote the Friday before the Labor Day weekend, based on my read at the time of the PCI SSC’s Special Interest Group …
Security is mostly basics, but talk is cheap
In most cases, better security posture is all about getting a few basics right. And this recent incident related to the breach of a Healthcare.gov server may be further proof …
Hello PCI SSC…
Hello PCI SSC, You had me on board until I saw this statement in your guidance1 released yesterday. “However, using risk as the basis for an organization’s information security program …
PCI Breaches Can we at least detect them?
Almost all Payment Card Industry (PCI) breaches over the past year, including the most recent one at Supervalu appear to have the following aspects in common: 1. They involved some compromise …
That Odd Authentication Dichotomy Needs To Change
By now, it should be clear that we need to consider strong (multi factor) authentication for access to anything of value. In an age and time when most public email services …