What could possibly be wrong with “Best Practices” or “Leading Practices” that your favorite security consultant might be talking about? Or for that matter, how could we go wrong if we used …
How useful is the HHS OIG report published this week?
I am sure some of you saw this news report about HHS OIG finding some security-related deficiencies in the EHR certification program. I was keen to read the full …
From A Security Or Compliance Standpoint…
It is probably safe to say that we security professionals hear the phrase in the title of this post rather frequently. For one, I heard it again earlier today from …
A Second Look At Our Risk Assessments?
I came across this Akamai Security Blog post recently which I thought was a useful and informative read overall. As I read through the blog post however, something caught my …
Top 10 Pitfalls: Security or Privacy Risk Assessments
Risk Assessment is a foundational requirement for an effective security or privacy program and it needs to be the basis for every investment decision in information security or privacy. To …
Can we change the tune on Health Information Security and Privacy please?
Notice the title doesn’t say HIPAA Security and Privacy. Nor does it have any of the words – HITECH, Omnibus Rule, Meaningful Use etc. That is the point of this post. Let …
Focus On What Really Matters: Outcomes and Results
Here is something to think about as a security/privacy consultant or consulting team, big or small … When you work on client consulting engagements, what are you really focused on? …
Let’s talk some “real” insider threat numbers: How can Access Governance and SIEM be useful as effective safeguards?
If you have been following some of our posts, you probably realize that we don’t advocate security for the sake of security. Nor do we like to do compliance for …
You don’t know what you don’t know: Do we have a “detection” problem with the healthcare data breach numbers?
Like some of you perhaps, I have been reading a few recent articles on Healthcare data breaches, especially the one from Dark Reading and a detailed analysis of the 2010-to-date …









