COMPLIANCE Archives - Page 4 of 9

Top 10 Pitfalls Security or Privacy Risk Assessments

Sep 24, 2013 | INFORMATION RISK, RISK ASSESSMENT

Risk Assessment is a foundational requirement for an effective security or privacy program and it needs to be the basis for every investment decision in information security or privacy. To …

Compliance obligations need not stand in the way of better information security and risk management

Jul 31, 2013 | INFORMATION RISK, PCIDSS, REGULATORY COMPLIANCE, RISK ASSESSMENT, SECURITY

I couldn’t help write this post when I noticed this press release based on an IDC Insights Survey of Oil & Gas Companies. I don’t have access to the full …

Can we change the tune on Health Information Security and Privacy please?

May 31, 2013 | INFORMATION RISK, PRIVACY, REGULATORY COMPLIANCE, SECURITY

Notice the title doesn’t say HIPAA Security and Privacy. Nor does it have any of the words – HITECH, Omnibus Rule, Meaningful Use etc. That is the point of this post. Let …

Pay attention to Security Risk Analysis in Meaningful Use Attestation

May 31, 2013 | REGULATORY COMPLIANCE

As is well known, Centers for Medicare & Medicaid Services (CMS) has been conducting pre and post payment audits of healthcare provider organizations attesting to Meaningful Use (MU). Our experience …

CHIME On MU Audits… Looking For Thoughts/Feedback

May 7, 2013 | SECURITY

I happened to read this article from Information Week Healthcare and was especially interested by this quote reproduced below… “CHIME also raised the issue of excessive auditing of providers in …

Do we have a wake-up call in the OIG HHS Report on HIPAA Security Rule Compliance & Enforcement?

May 23, 2011 | ACCESS GOVERNANCE, DATA BREACHES, HIPAA/HITECH COMPLIANCE, REGULATORY COMPLIANCE

If you didn’t notice already, the Office of Inspector General (OIG) in the Department of Health and Human Services (HHS) published a report on the oversight by the Center for …

May we suggest some priority adjustments to your PCI DSS Compliance program?

Aug 12, 2010 | INFORMATION RISK, PCIDSS, REGULATORY COMPLIANCE, SECURITY

It isn’t any news that achieving PCI DSS Compliance continues to be onerous for many merchants out there. PCI DSS is after all an all-or-nothing regulation meaning that not …

Proposed updates to HIPAA Security and Privacy Rules What is new?

Jul 16, 2010 | HIPAA/HITECH COMPLIANCE, INFORMATION RISK, PRIVACY, REGULATORY COMPLIANCE, SECURITY

It was good to see the Office of Civil Rights (OCR) publish the long awaited proposed updates to HIPAA Security and Privacy Rules Thursday last week. Note that OCR is …

Logging for Effective SIEM and PCI DSS Compliance …. UNIX, Network Devices and Databases

Jun 1, 2010 | HIPAA/HITECH COMPLIANCE, PCIDSS, REGULATORY COMPLIANCE, SECURITY, SIEM

In one of my previous blogs, I covered the importance of logging the “right” events for an effective Log Management or Security Information and Event Management (SIEM) deployment … see …

COMPLIANCE

Top 10 Pitfalls Security or Privacy Risk Assessments

Compliance obligations need not stand in the way of better information security and risk management

Can we change the tune on Health Information Security and Privacy please?

Pay attention to Security Risk Analysis in Meaningful Use Attestation

CHIME On MU Audits… Looking For Thoughts/Feedback

Do we have a wake-up call in the OIG HHS Report on HIPAA Security Rule Compliance & Enforcement?

May we suggest some priority adjustments to your PCI DSS Compliance program?

Proposed updates to HIPAA Security and Privacy Rules What is new?

Logging for Effective SIEM and PCI DSS Compliance …. UNIX, Network Devices and Databases

Reach out to us

Office

Call Us