This past week one of my marketing friends made a statement I’ve heard far too many sales and marketing folks say over the years.
“The IT Security folks don’t have decision-making authority, and they aren’t concerned with anything beyond their network. I try not to spend too much time on them.”
It reminded me of when I was responsible for information security and privacy at a multi-national financial and healthcare organization throughout the 1990’s. I had (more…)
Tags:awareness, breach, compliance, data protection, IBM, Information Security, information technology, infosec, IT security, marketing, midmarket, monitoring, non-compliance, PHI, PII, policies, privacy, privacy laws, privacy practice, privacy professor, privacyprof, Rebecca Herold, risk assessment, risk management, sales, security, social network, surveillance, systems security, training
Posted in Information Security | No Comments »
Someone recently commented that I write a lot of blog posts based on my work and what my clients, students and others I meet at conferences and training classes have said or done. Well, that’s because such interactions often create some very good teaching moments that many others could benefit from! And so, yes, now I have another such experience to share. One of my new Compliance Helper clients recently told me, “I still don’t know what I need to do for HIPAA/HITECH compliance that is not covered under the compliance activities of my business clients. How can I do anything more beyond what they are already doing?” (more…)
Tags:awareness, BA, breach, business associate, CE, compliance, covered entity, data protection, HIPAA, HITECH, IBM, Information Security, information technology, infosec, IT security, midmarket, monitoring, non-compliance, personal information, personal information identifier, personal information item, personally identifiable information, PHI, PII, policies, privacy, privacy breach, privacy laws, privacy practice, privacy professor, privacyprof, Rebecca Herold, risk assessment, risk management, security, sensitive personal information, social network, SPI, surveillance, systems security, training
Posted in BA, BA and Vendor Management, CE, HIPAA, HITECH | 1 Comment »
I’ve been getting the following question and comment increasingly more often in the past several months:
1) “If someone’s name (more…)
Tags:awareness, breach, compliance, data protection, Information Security, information technology, infosec, IT security, midmarket, monitoring, non-compliance, personal information, personal information identifier, personal information item, personally identifiable information, PHI, PII, policies, privacy, privacy breach, privacy laws, privacy practice, privacy professor, privacyprof, Rebecca Herold, risk assessment, risk management, security, sensitive personal information, social network, SPI, surveillance, systems security, training
Posted in HIPAA, privacy, Privacy and Compliance | 1 Comment »
Subscribe to this site's RSS feed. However over icon to see which services are supported.
is proudly powered by WordPress
Entries (RSS) and Comments (RSS).