SECURITY Archives - Page 4 of 8

Compliance obligations need not stand in the way of better information security and risk management

Jul 31, 2013 | INFORMATION RISK, PCIDSS, REGULATORY COMPLIANCE, RISK ASSESSMENT, SECURITY

I couldn’t help write this post when I noticed this press release based on an IDC Insights Survey of Oil & Gas Companies. I don’t have access to the full …

Can we change the tune on Health Information Security and Privacy please?

May 31, 2013 | INFORMATION RISK, PRIVACY, REGULATORY COMPLIANCE, SECURITY

Notice the title doesn’t say HIPAA Security and Privacy. Nor does it have any of the words – HITECH, Omnibus Rule, Meaningful Use etc. That is the point of this post. Let …

Pay attention to Security Risk Analysis in Meaningful Use Attestation

May 31, 2013 | REGULATORY COMPLIANCE

As is well known, Centers for Medicare & Medicaid Services (CMS) has been conducting pre and post payment audits of healthcare provider organizations attesting to Meaningful Use (MU). Our experience …

CHIME On MU Audits… Looking For Thoughts/Feedback

May 7, 2013 | SECURITY

I happened to read this article from Information Week Healthcare and was especially interested by this quote reproduced below… “CHIME also raised the issue of excessive auditing of providers in …

Focus On What Really Matters Outcomes and Results

Mar 18, 2013 | INFORMATION RISK

Here is something to think about as a security/privacy consultant or consulting team, big or small … When you work on client consulting engagements, what are you really focused on? …

Do we have a wake-up call in the OIG HHS Report on HIPAA Security Rule Compliance & Enforcement?

May 23, 2011 | ACCESS GOVERNANCE, DATA BREACHES, HIPAA/HITECH COMPLIANCE, REGULATORY COMPLIANCE

If you didn’t notice already, the Office of Inspector General (OIG) in the Department of Health and Human Services (HHS) published a report on the oversight by the Center for …

Providers Is HIPAA Security Risk Analysis in your plan over the next few months?

Sep 22, 2010 | HIPAA/HITECH COMPLIANCE, REGULATORY COMPLIANCE, RISK ASSESSMENT, SECURITY

Security Risk Analysis is something that we recommend all organizations conduct periodically or before a significant process or technology change. After all, threats, vulnerabilities and impact (three components of risk, …

Let’s talk some “real” insider threat numbers How can Access Governance and SIEM be useful as effective safeguards?

Sep 15, 2010 | ACCESS GOVERNANCE, DATA BREACHES, INFORMATION RISK

If you have been following some of our posts, you probably realize that we don’t advocate security for the sake of security. Nor do we like to do compliance for …

You don’t know what you don’t know Do we have a “detection” problem with the healthcare data breach numbers?

Aug 25, 2010 | DATA BREACHES, HIPAA/HITECH COMPLIANCE, INFORMATION RISK, PRIVACY, REGULATORY COMPLIANCE, SECURITY

Like some of you perhaps, I have been reading a few recent articles on Healthcare data breaches, especially the one from Dark Reading and a detailed analysis of the 2010-to-date …

SECURITY

Compliance obligations need not stand in the way of better information security and risk management

Can we change the tune on Health Information Security and Privacy please?

Pay attention to Security Risk Analysis in Meaningful Use Attestation

CHIME On MU Audits… Looking For Thoughts/Feedback

Focus On What Really Matters Outcomes and Results

Do we have a wake-up call in the OIG HHS Report on HIPAA Security Rule Compliance & Enforcement?

Providers Is HIPAA Security Risk Analysis in your plan over the next few months?

Let’s talk some “real” insider threat numbers How can Access Governance and SIEM be useful as effective safeguards?

You don’t know what you don’t know Do we have a “detection” problem with the healthcare data breach numbers?

Reach out to us

Office

Call Us