You Don’t Attain Your Clients’ Compliance
Someone recently commented that I write a lot of blog posts based on my work and what my clients, students and others I meet at conferences and training classes have said or done. Well, that’s because...
Sales and Marketers: Don’t Diss the Info Sec Pros
This past week one of my marketing friends made a statement I’ve heard far too many sales and marketing folks say over the years. “The IT Security folks don’t have decision-making authority, and they...
When is PHI Not PHI?
The deadline for complying with the Omnibus Rule is quickly approaching. Psst…it’s September 23 for most covered entities (CEs) and business associates (BAs). I’ve been tardy in getting blog posts...
Top 4 Reasons Encryption Is Not Used
Over the past week a few reporters who were following up on a recent breach of 9 million patient records for stories they were writing asked me basically the same question amongst all their others,...
Use Encryption despite Your NSA Snooping Fears
I’ve received numerous questions from various news outlets, clients and colleagues since the published revelation that the NSA was getting the assistance of encryption vendors to decrypt messages...
Ever Feel like Somebody is Watching You? They Are!
“Sometimes I feel like…somebody’s watching me! And I have no privacy!” (The Rockwell hit from…quite appropriately…1984.) Each day, we are tracked by the ‘smart’ systems, mobile apps, personal...
You Must Practice Daily Compliance Hygiene
Compliance, like much of life, takes ongoing effort. Okay, folks. Time for a reality check for what data protection compliance involves. You know what’s often tedious and hard? Well, a lot of things in...
If there’s a Shred of Evidence it’s Not Shredded
“What’s the minimum shred size?” Recently I got a great question from one of my Compliance Helper clients: “This may seem like a silly question, but is there any type of HIPAA compliance requirements...
What You Need to Know for Retention Compliance
One of the things I love about helping all my Compliance Helper (CH) clients with their information security and privacy compliance activities is that they often ask questions that most other small and...
Organizations Need to Use More Than One Type of Encryption
Encryption has been talked about a lot lately. I’ve gotten at least a couple dozen questions from my Compliance Helper clients in the past month. They can pretty much be boiled down to this question:...
If it was Intentional it is *NOT* Incidental
In the past week I got the third question in a one month time-frame about the same topic. My unwritten, loosely followed rule is that if three different organizations ask me pretty much the same...
Yes, You Still Need Policies for Your Outsourced Activities!
Here’s a statement I’ve answered over 100 times (seriously!) in the past few years. “We’ve outsourced that IT activity, so we don’t need a policy for it.” The one word reply to this statement...
Time to Focus on Privacy Every Day
This week January 28 was recognized around the world as International Data Privacy Day. Data Privacy Day is the perfect time to think about all things privacy. For example, consider all the computing...
Mobile Device Security Continues to get More Complicated
I first started working on truly easily mobile computing device (not counting the first programmable pocket calculator, or the luggable computers that could not be hidden in your pocket) security in...
Strong security controls are necessary for more than just preventing hack...
Recently I’ve heard in various discussion venues the argument that information security controls are an impediment to technology use, and that instead we should look at demotivating the hackers. With...
NSA is not the Only One Getting to Your App Data
Do you think the NSA is the biggest threat to your privacy? Certainly they are collecting a significant amount of personal data. And from the looks of it, with their new facility that may hold up to 12...
Phone Scam Open Season – Business Risks
It seems that right now phone scam season is going strong! I got 2 calls last week from scammers. I got another scammer call during a meeting last night. Two of my LinkedIn contacts got calls in the...
More Phone Scams For the General Public
It seems that right now phone scam season is going strong! Last week I posted about some common scams targeting businesses. Those same scams are also targeting the general public, so please be on the...
Will the Demise of XP Shut Down Your Business…or Heart?
If you haven’t heard yet, Windows XP will no longer be supported after April 8, 2014. That’s just a couple of weeks away! Why should you even care? Well, because you may have an important, or even...
Rx for Incorrect Compliance Claims and XP
In the past couple of weeks I’ve gotten a couple dozen questions from my clients that are small to midsized covered entities (CEs) or business associates (BAs) under HIPAA, in addition to several small...