Tag Archives: Compliance
Windows 7 & Server 2008 – Time to Upgrade
The end of 2 beloved and notorious operating systems Microsoft Windows 7 & Server 2008 R2 is upon us. As of January 2020, Windows 7 and Windows server 2008 will no longer be supported. Much like you may remember the end of life for Windows… Continue reading
Why You Need HTTPS on Your Website
Most any web user can tell you when they visit a website that uses HTTPS. They know this by the green lock in browser or the HTTPS (vs. HTTP) in the address bar. This indicates that you can generally trust your connection to the site… Continue reading
Social Engineering Examples
Social engineering is a threat that faces organizations from small business to large enterprises. As we’ve explored multiple times on this site, there are few organizations that are truly prepared to address these types of threats. Social engineering attempts to coax, cajole, and manipulate others… Continue reading
What is GDPR
What is GDPR? GDPR or General Data Protection Regulation is new European Union data protection legislation outlining the various data protections for EU citizens data. It replaces the 1995 EU Data protection directive and defines a variety of users or customers rights and responsibilities on… Continue reading
Addressing the Insider Threat
Technology is a powerful tool in assuring the confidentiality, availability and integrity of your critical data – but it is no failsafe. Even the best of breed technology deployed in a layer approach (defense in depth) will have flaws. The most well meaning and resourced… Continue reading
The HIPAA Audits are Coming
The HHS Office for Civil Rights (OCR) is gearing up for random audits of healthcare providers and partners. OCR is starting its 2nd phase of its ongoing audit program of CEs (Covered Entities), BA (Business Associates) in 2016. You may recall that HHS’ Office for… Continue reading
PCI Compliance and PoS Security
If you run a business that processes credit card payments you know the difficulties of PCI compliance. Payment Card Industry Data Security Standard (PCI DSS) is a security standard that applies to any organization that accepts, process or store credit card data. The PCI Standard… Continue reading
Is Your Email HIPAA Compliant
Most health care providers and medical practices understand the basics of HIPAA compliance but often miss critical technical or operational details that leave them out of compliance. These technical details are far from inconsequential. Take the example of email. Many health care organizations (covered entities)… Continue reading
HIPAA Compliance Failures
Many organizations are under the erroneous assumption that they can claim compliance by simply buying an inexpensive software package or set of templates. Others simply attempt to go it alone and comply by reinventing the wheel. Many others assume compliance because they work with a… Continue reading
Does HIPAA Apply to My Organization
Healthcare practices & their partners large and small are legally obligated by the HIPAA HITECH and Omnibus regulations to protect the privacy and security of protect health information. These regulations which govern the use PHI (Protected Health Information) its use, storage and processing by healthcare… Continue reading
Recent Comments