category:

HIPAA

Article Cybersecurity

6 Blogs Honoring Data Privacy Week

To celebrate Data Privacy Week, we’ve compiled a list of blog posts that embody the significance of incorporating data privacy efforts in your organization:

Read More about the 6 Blogs Honoring Data Privacy Week
Article Compliance

The Impact of COVID-19 on Compliance

With more urgent priorities, many organizations were forced to take a risk-based approach towards compliance. How have requirements been impacted? Have any been loosened in light of the current circumstances? Below is an updated status of some of the common compliance regulations:

Read More about the The Impact of COVID-19 on Compliance
Article Compliance

Business Continuity – Processing Payments Remotely

There is no better time than now to confirm which merchants are collecting payments, and how that is being done, to ensure their efforts to provide customer service are not leaving your organization exposed.

Read More about the Business Continuity – Processing Payments Remotely
Article HIPAA

HIPAA: Common Violations and How to Avoid Them

Failure to comply with HIPAA can lead to significant financial penalties. Here are a few of the more common (and preventable!) incidents that can lead to breaches of protected health care information.

Read More about the HIPAA: Common Violations and How to Avoid Them
Article Higher Education

HIPAA vs. FERPA: High Level Guidance for Higher Ed

Colleges and universities maintain medical information in various ways and locations. While this personal information does indeed need to be protected, not all of those guidelines fall under HIPAA.

Read More about the HIPAA vs. FERPA: High Level Guidance for Higher Ed
Article Compliance

Overlapping Cybersecurity Frameworks and Compliance Standards

It can be helpful to take a step back from the individual checklists and shift from focusing on compliance to focusing more holistically on information security. One way to standardize and build a roadmap for your enterprise information security program is through the use of an industry cyber security framework.

Read More about the Overlapping Cybersecurity Frameworks and Compliance Standards
Article Compliance

Social Media – Defining Acceptable Use on Campus

Should employees be banned from accessing social media sites while at work? Should you be keeping track of what staff and faculty are posting and tweeting? Are they able to freely post anything on their social networks? What if it is information that pertains to your organization?

Read More about the Social Media – Defining Acceptable Use on Campus
Article Compliance

Internal Audit’s Role in Information Security

A large part of an Internal Auditor’s job is to keep current with regulatory standards, and ensure the executive level team is aware of any potential regulatory violations that could result in significant fines or losses.

Read More about the Internal Audit’s Role in Information Security
Article PCI DSS

Segmentation: Recommended by 5 out of 5 QSAs

While segmentation is not a requirement of the PCI DSS, it is generally accepted as the most effective way to separate those identified in-scope systems from those that need not be involved when adhering to PCI DSS requirements.

Read More about the Segmentation: Recommended by 5 out of 5 QSAs