The US Department of Health and Human Services (HHS) presides over all healthcare and patient safety matters to “enhance the health and well-being of all Americans.” Extending this protection to patients’ health information, the Health Insurance Portability and Accountability Act of 1996 (HIPAA) set baseline requirements for how hospitals and doctors process data. In 2009, HITECH compliance requirements expanded these protections to meet the evolving threat of cybercrime.
Category: Compliance Standards
Staying informed about the cybersecurity compliance standards that apply to you is essential to keeping your company safe from attackers. Read on to learn about the steps you can take to stay up to date with your industry’s compliance standards.
-

Is A DPIA Required For GDPR
There is a special feeling when launching a new project. It is exciting, a little nerve-racking, but always bursting with potential.
Your company might be going through a similar process and feeling. But you might be unsure about the privacy implications. You might wonder, is a DPIA required under GDPR?
-

A Breakdown of HITRUST Self-Assessment Costs
Companies seeking a comprehensive solution to their compliance and cyberdefense needs should look no further than the HITRUST Alliance’s Common Security Framework (CSF). A revolutionary document, the CSF collects the controls from several regulatory frameworks and combines them into a comprehensive infrastructure any company can adopt to improve its defenses. And the first step toward the airtight protections the CSF provides is the HITRUST self-assessment questionnaire. Let’s take a look.
-

The GDPR Data Breach Reporting Timeline
Let’s set the stage. It’s 5 pm at the end of a workday; you’re ready to clock off when all of a sudden you get a ping on your phone advising you of a potential security event… what next?
The first thing: do not panic. Ascertain what the event was about, and if there is evidence of a breach, act.
The GDPR data breach reporting timeline gives your organization 72 hours to report a data breach to the relevant supervisory authority.
-

How Long Can You Store Data Under GDPR?

Issuing a sell-by-date on food products protects consumer health. Issuing a data deletion policy protects consumers’ privacy.
Many businesses are asking: how long can you store data under GDPR? Like the regulation regarding sell-by-dates, EU regulators have stated that the personal data you hold must have a shelf-life.
-

Who Enforces PCI Compliance?
Consumers’ financial data is a valuable target for cybercrime. As such, compliance with the Payment Card Industry (PCI) regulatory frameworks, like the PCI Data Security Standard (PCI DSS) and Payment Application Data Security Standard (PA DSS), is required for most companies that process credit card payments. But what happens for companies who don’t comply? And who enforces PCI compliance penalties?
-

What Happens if You’re Not PCI Compliant?
If your company processes credit card and other card-based financial transactions, you need to abide by the Payment Card Industry Data Security Standard (PCI DSS), published by the PCI Security Standards Council (SSC). Neglecting these frameworks can result in severe consequences for your business.
-

Exploring Open FAIR Risk Analysis Tools
Factor Analysis of Information Risk (FAIR) is a model for quantifying information security risk, designed to help an organization understand and manage weaknesses in its digital ecosystem. It expresses risk in numbers and figures rather than qualitative ratings. To understand risk quantification more efficiently, we will explore Open FAIR risk analysis tools.
-

Pros and Cons of the HITECH Act
The Health Insurance Portability and Accountability Act of 1996, or HIPAA, has shaped how cybersecurity works in the healthcare industry for a quarter-century. In 2009, the Health Information Technology for Economic and Clinical Health Act (HITECH) changed how HIPAA works.
-

What are the HITECH Safety Measures?
The Health Insurance Portability and Accountability Act of 1996, more commonly known as HIPAA, has had immense impacts on the domestic and global healthcare industry. Over a decade later, the US Department of Health and Human Services (HHS) expanded HIPAA’s protections with the publication of the Health Information Technology for Economic and Clinical Health Act (HITECH). But what are the HITECH safety measures? In other words, what do you need to do to fully secure your company and its stakeholders? Keep reading to find out.