PDF version accessible here.
SECURITY
HIPAA Breach Notifications 2020: Analysis, Observations and Recommendations
Health Information Security/Privacy professionals should be familiar with the HIPAA Breach Notification Rule, which requires HIPAA covered entities (CEs) and their business associates (BAs) to provide notification to U.S. Department …
GDPR Code of Conduct : Current State and Considerations for Next Steps
Since the EU General Data Protection Regulations (“GDPR”) came into effect in 2018, there has been much discussion, but little action, with regard to Article 40 Codes of Conduct (”Codes”) …
Next time you do a Risk Assessment or Analysis, make sure you have Risk Intelligence on board
I was prompted to write this quick post this morning when I read this article. I think it is a good example of what some (actually many, in my experience) …
Security Due Diligence For Microsoft 365 User Organizations
Co-written by Monica Meiterman-Rodriguez (Privacy Consultant) and Brian Ching (Information Security and Privacy Analyst) A majority of global enterprises are now using Microsoft 365 (“M365”) as their primary office application. …
How can Infosec GRC Deliver Wins in Risk Management?
Information security (infosec) risk management can often seem overwhelming and hard. Organizations can spend considerable resources on infosec programs or solutions, yet they may have challenges in implementing commensurate and demonstrable …
CCPA and Security Safeguards or Requirements
The California Consumer Privacy Act of 2018 (CCPA) is shaping up to be the most significant consumer privacy law passed in the United States in recent memory. The Act, which becomes …
IGA Where Disruption and Change Couldn’t Come Fast Enough!
Welcome to the introductory post in our “Meaningful Outcomes” series on Identity Governance and Administration (IGA). If you are here and reading this, you probably do not need an introduction …
Driving Effective Privacy Operations with Functional Requirements
By Shawna Doran, Senior Manager, Tueoris, LLC and Dan Goldstein, Partner, Tueoris LLC In the run-up to May 25, 2018, many businesses that thought they were well-prepared to meet their …