Archive for March, 2011

Legal Requirements for Information Security and Privacy Awareness and Training

Wednesday, March 30th, 2011

Earlier today following my online seminar, “Effective Training and Awareness: The Key to Information Security Success”  (http://gocsi.com/Training2011/OD/Awareness), I received the following question: 

 Where might I locate a summary breakdown of training regulations by industry? i.e. Pharma 

(more…)

Tags:, , , , , , , , , , , , , , , , , , ,
Posted in HIPAA, HITECH, Information Security, Laws & Regulations, privacy, Training & awareness | 3 Comments »

Yes, Automating Compliance Activities Can Improve Security…If Done Correctly!

Tuesday, March 8th, 2011

I participate in the Focus network and tried to answer the following question from “Caty” on their discussion board:

“How can compliance automation help secure my organization’s IT infrastructure?” Please describe the benefits of compliance automation and discuss how it can be used to secure an organization’s IT infrastructure.

However, after trying to submit my response in around half a dozen ways, I was told my answer was too long.  Instead of shaving off some of my content, I decided to post here to my blog, and then point to here from there.  Perhaps my other blog readers will be interested in my thoughts on this topic as well.

So, here is my answer… (more…)

Tags:, , , , , , ,
Posted in HIPAA, HITECH, Information Security, privacy, Privacy and Compliance | 2 Comments »