The increasing number of data security regulations has raised privacy concerns globally. Gartner’s industry analysis predicts that by 2023, about two-thirds of the world’s population will have personal data covered by modern privacy laws. Despite numerous attempts to coordinate a unified approach to data privacy, the United States still lacks a comprehensive federal data … Read more
Avoid a Data Breach: What a Health Care Org Should Do There are three things that a health care organization should do immediately to avoid a data breach. They are: Execute Advanced Penetration Testing. Performing an advanced external penetration test is a strategic approach to identify weaknesses in network and application security, as would a hacker. … Read more
Penetration tests and vulnerability scans, if performed regularly, will help your organization avoid a costly data breach. Did you know that? So why don’t more companies get on the ball and do this? Nearly every week, we read about a malicious hacker who has penetrated a security gap in an organization’s infrastructure to gain access to loads of … Read more
Phase 2 HIPAA Audits Prep Phase 2 HIPAA Audits have officially begun. You may know that the OCR is gathering information to determine which covered entities and business associates will be included in the auditee pool. If you haven’t already prepared for Phase 2 HIPAA Compliance, knowing where to begin may seem a bit overwhelming. … Read more
IT Regulatory Standards Are an Alphabet Soup IT regulatory standards got you down? If you work in IT or IT compliance, you’ve probably heard of the “Alphabet Soup” of regulatory standards. Think SSAE 16, SOC 2, HIPAA, PCI DSS, FISMA, ISO 27001, and others, of course. However, what do they all really mean? Which one is right for me? … Read more
When it comes to CFPB vendor compliance, companies must “oversee” their vendors “in a manner that ensures compliance with Federal consumer financial law…The CFPB’s exercise of its supervisory and enforcement authority will closely reflect this orientation and emphasis,” according to the Consumer Financial Protection Bureau’s CFPB Bulletin 2012-3. An effective risk management strategy includes the … Read more
It’s one thing to suffer one data breach – there is room to recover. Will Anthem survive a second breach? Don’t let this happen to you. With the Anthem breach still on the forefront of everyone’s minds, as well as the upcoming supervision from the OCR and the new phase of HIPAA audits, we have put … Read more
The recent Anthem breach is potentially the largest data breach to date in the healthcare space. When your CEO or your largest clients ask you what your plan is to prevent the same from happening to you, what are you going to tell them? Safeguarding Personally Identifiable Information (PII) is essential for avoiding a data … Read more
In light of the recent news of the data breach at Anthem Blue Cross/Blue Shield, risk assessment is our theme today. We welcome this guest post from our partner, KirkpatrickPrice…. Performing a Risk Assessment is a critical component of any Information Security Program. It’s mandated by several frameworks (SSAE 16, SOC 2, PCI DSS, … Read more
Guaranteeing hosting compliance. It’s pretty much something that AIS Network has always done, and it’s a clear service benefit. Our compliance with multiple security and regulatory standards such as HIPAA/HITECH, FISMA, FERPA, PCI DSS, GLBA, SOX and others repeatedly saves our clients time and money and helps them to avoid costly litigation over compliance errors. Up until … Read more