Category: Compliance

What is GDPR

What is GDPR? GDPR or General Data Protection Regulation is new European Union data protection legislation outlining the various data protections for EU citizens data. It replaces the 1995 EU Data protection directive and defines a variety of users or customers rights and responsibilities on… Continue reading

The HIPAA Audits are Coming

The HHS Office for Civil Rights (OCR) is gearing up for random audits of healthcare providers and partners. OCR is starting its 2nd phase of its ongoing audit program of CEs (Covered Entities), BA (Business Associates) in 2016. You may recall that HHS’ Office for… Continue reading

PCI Compliance and PoS Security

If you run a business that processes credit card payments you know the difficulties of PCI compliance. Payment Card Industry Data Security Standard (PCI DSS) is a security standard that applies to any organization that accepts, process or store credit card data.  The PCI Standard… Continue reading

HIPAA, HITECH, PCI Compliance Failures

Many businesses hold inaccurate assumptions on achieving and maintaining compliance in the face of complex regulations in their industry. Primarily, they assume compliance is a one time project rather than an ongoing process. Most often it is something they completed several years ago by using… Continue reading

Windows Server 2003 – Time to Upgrade

Windows Server 2003, released in 2003 is nearing its end of life/end of support. This means that users of Windows Server 2003 will not receive patches, security updates or support moving forward as of the soon approaching – July 2015. As a business owner, you… Continue reading

Massachusetts Privacy Law – MA 201 CMR 17.00

Massachusetts Privacy Law, 201 CMR 17.00 went into effect as of March 1st, 2010. This regulation requires any companies, or individuals which stores personal information (PI) on MA residents to properly secure that data or face costly fines. Continue reading