Decentralization of IT Tech Increases Security Risk

Decentralization of IT Tech Increases Security Risk

IT is becoming increasingly decentralized, with purchasing and management decisions being made at the business level. As cloud computing continues to move technology beyond IT, data is increasingly at risk. According to a new study by VMware, 69% of respondents believe IT has become increasingly decentralized over the […]

What China’s New Cybersecurity Law Means for You

What China’s New Cybersecurity Law Means for You

The Chinese government has just passed a cybersecurity law that has broad implications for international businesses. The move comes with great criticism, with some calling the law “draconian” and “abusive” while others note the law is “vague” enough to spark worries of “censorship and espionage.” The legislation was […]

Is Your Data Breach Response Plan Effective?

Is Your Data Breach Response Plan Effective?

We’ve posted many times about the importance of having a data breach response plan in place. Indeed, the FTC just released its own guidance on data breach response. A new study, however, demonstrates that “having a response plan is simply not the same as being prepared,” particularly if […]

Security in the Cloud Requires Visibility

Security in the Cloud Requires Visibility

There is a rapid enterprise movement toward the cloud, and yet such movement has remained uncoordinated. Gartner estimates that less than one-third of enterprises have a documented cloud strategy. This has led to an explosive growth in Shadow IT and Shadow data as well as application development that […]

FTC Asserts Independent Authority Over HIPAA-Covered Entities

FTC Asserts Independent Authority Over HIPAA-Covered Entities

The Federal Trade Commission (FTC) and the Office for Civil Rights (OCR) have jointly released a guide on the importance of complying with both HIPAA and the FTC Act. The guide reminds healthcare organizations to comply with both regulations as investigations or fines for non-compliance are assessed independently […]

PCI Security Standards Council Cements Position on Executive Responsibility for Data Security

PCI Security Standards Council Cements Position on Executive Responsibility for Data Security

The PCI Security Standards Council (SSC) recently compiled some resources on how to create a Culture of Cybersecurity. These resources reflect changes made to the PCI Data Security Standards (DSS) that require executive responsibility for data security. The PCI SSC regularly updates its standards based on feedback from the PCI […]

St. Joseph Home Care Network Confident of HIPAA Compliance with Absolute DDS

St. Joseph Home Care Network Confident of HIPAA Compliance with Absolute DDS

St. Joseph Home Care Network offers specialized services for in-home care delivered by multidisciplinary caregivers in home health, hospice, private duty and infusion pharmacy. With over 500 employees, St. Joseph’s was an early adopter of electronic medical records (EMR), accessing and inputting data to patient files on tablet devices […]

The ICO Takes a Stand on Data Protection Enforcement

The ICO Takes a Stand on Data Protection Enforcement

The UK Information Commissioner’s Office just issued a record fine to UK telecom company TalkTalk in connection with an October 2015 data breach.