Compliance Standards Archives | Page 78 of 81

The Do’s and Don’ts of Preparing for HIPAA

by RSI Security August 29, 2018January 6, 2025

As a medical or health care provider, one of the most important (and often worrisome) aspects to doing business is regulatory compliance to protect the civil rights of patients. Federal, state, and local agencies are constantly formulating and implementing new rules that not only affect the way you run your practice day to day but can result in severe financial consequences if you’re found to be in non-compliance. Here, well focus on the Health Insurance Portability and Accountability Act (HIPAA), one of the most important regulatory frameworks you’ll need to focus your compliance efforts on.

August 29, 2018January 6, 2025 1 comment

HIPAA / Healthcare Industry

The 8 Most Common HIPAA Mistakes to Avoid

by RSI Security August 28, 2018April 10, 2025

written by RSI Security

Theres arguably no type of information more sensitive than that which relates to personal health care or medical records. Whether its a hospital, clinic or personal physician, entities that provide vital healthcare services are often the targets of hackers, cyber criminals, and other malicious actors that might seek to gain access to private medical information. Which is exactly why the Healthcare Insurance Portability and Accountability Act (HIPAA for short) was enacted in 1996, with stiff penalties and fines for HIPAA violations. If you are unsure whether your business is violating the HIPAA regulations, you’ll need to seek out cybersecurity consulting firms who are highly specialized in HIPAA compliance solutions to foster covered entities.

August 28, 2018April 10, 2025 0 comment

Encryption PCI DSS

Protecting System Components in CDE through Encryption

by RSI Security July 24, 2018December 3, 2024

written by RSI Security

Encrypting your cardholder data environment (CDE) is of paramount importance if youre keen on not just protecting your customers card data, but also salvaging your organizations data security. If your company handles any amount of credit card information, it must comply with the PCI DSS (Payment Card Industry Data Security Standards).

July 24, 2018December 3, 2024 0 comment

PCI DSS

Performing Regular Testing, Risk Analysis, and Addressing Risks

by RSI Security July 24, 2018January 14, 2020

written by RSI Security

Consistently testing and quickly addressing risks to your network security system is not just one of the common security controls that can be looked over, it is imperative to effective and safe performance. If your companys security system does not receive the necessary updates to its infrastructure, it can be potentially devastating for your organization.

Not being on top of these essential tasks can open the door to a myriad of cyber security threats from internal and external sources that could take years to recover from. However your business plans to approach security system testing, you should make sure you efforts fall in line with Payment Card Industry Data Security Standard (PCI DSS) requirements.

July 24, 2018January 14, 2020 0 comment

Firewall PCI DSS

PCI Compliance Firewall Requirements (PCI DSS Req. 1)

by RSI Security July 23, 2018November 19, 2024

written by RSI Security

With the rise of credit cards and online banking, financial theft has gradually shifted away from physical bank robberies to electronic payment fraud. Although payment cards facilitate convenient financial transactions for society, they also offer an ideal opportunity for threat actors to remotely steal a person’s identity or breach a companys information database. While all cybersecurity solutions are important, we want to first dive into how to increase your security across the payment card industry.

July 23, 2018November 19, 2024 0 comment

PCI DSS

Developing a Cybersecurity Policy for Incident Response and Prevention (PCI DSS Req 12.1)

by RSI Security July 23, 2018December 3, 2024

written by RSI Security

Were not even midway through 2018, and this year has already seen some of the most high profile companies and brands become victims to potentially malicious cyber attacks. Delta Airlines, Sears, and Panera Bread are just a few examples of high-profile companies that have had to contend with data breach and unauthorized access by outsiders so far this year.

July 23, 2018December 3, 2024 0 comment

Cybersecurity Solutions PCI DSS

Protect Cardholder Data With Antivirus Software

by RSI Security July 23, 2018January 14, 2020

written by RSI Security

What is Antivirus Software?

Lets face it, we are living in a highly technical age. Computers and digital technology surround us, cell phones that fit in our pockets have turned into full blown portable computers. There have been threats to computers just about as long as computers have been around. The first antivirus (AV) software was used to protect against just that, a computer virus. The name remains today, but there are far more malicious tools out there other than viruses. Modern anti-virus software protections can include shields against trojan horses, worms, spyware, adware, rootkits and can sometimes include guards against phishing.

July 23, 2018January 14, 2020 0 comment

PCI DSS

How to Keep Data Secure for Cardholders (PCI DSS Req. 3)

by RSI Security July 23, 2018January 6, 2025

written by RSI Security

The Payment Card Industry (PCI) is a coalition of credit card companies including American Express, Discover, MasterCard and Visa. Non-compliance with the 12 requirements specified in the PCI Data Security Standards (DSS) puts your company at greater risk of a future data breach that comes with a steep financial cost as evidenced by the plethora of well publicized data breaches last year alone. Of the 12 PCI DSS requirements, it was found that 79% of failed PCI Compliance assessments were in non-compliance because of not being able to protect cardholder data via requirement 3. Thats huge.

July 23, 2018January 6, 2025 0 comment

PCI DSS

Does a QSA need to be onsite for a PCI DSS assessment?

by Nicholas Giatrelis July 5, 2018November 19, 2024

written by Nicholas Giatrelis

Keeping cardholder data safe and secure is an important part of your business as well as an agreement with your payment card brands and acquirers in order to accept the credit card based payments. Compromised data has a negative impact on everyone involved. Protecting data can help:

Improve customer relationships
Increase overall profitability in any program
Prevent damage to your business’s reputation

This blog is part of our series of articles that will address frequently asked questions and provide a comprehensive guide on PCI DSS requirements and compliance.

Before we talk about QSA and on site assessment process for PCI compliance, heres a quick recap of the basics on PCI DSS.

July 5, 2018November 19, 2024 2 comments

PCI DSS

Restricting physical access to cardholder data (PCI DSS Req. 9)

by RSI Security June 21, 2018January 14, 2020

written by RSI Security

Credit cards hold a remarkable amount of cardholder data. If that data were to fall into the wrong hands, it could ruin a persons life. Now, imagine your company has a database of millions of credit cards that are unique to their cardholder. If that database were to be remotely breached via a phishing scam or hack, your entire database of payment cards could be stolen in a blink of an eye. In 2012 alone, attackers posing as legitimate service people substituted the payment devices and subsequently compromised three large retailers. It was found that 39% of organizations had been breached through insecure remote access (which was the single largest origin of compromise that organizations encountered).

June 21, 2018January 14, 2020 0 comment