Archive for October, 2013
Monday, October 28th, 2013
“What’s the minimum shred size?”
Recently I got a great question from one of my Compliance Helper clients:
“This may seem like a silly question, but is there any type of HIPAA compliance requirements for shredder types? For example, minimum shred size?”
Not a silly question at all! Of the organizations that shred their paper documents (there are still way too many that don’t), a large portion of them are not shredding their documents to a point that they are actually doing so effectively. Here are some points and tips (more…)
Tags:awareness, BA, BAA, breach, business associate, CE, compliance, covered entity, data protection, disposal, dispose, HIPAA, HITECH, IBM, Information Security, information technology, infosec, IT security, midmarket, non-compliance, Omnibus, personal information, personal information identifier, personal information item, PHI, PII, policies, privacy, privacy breach, privacy laws, privacy professor, privacyprof, reassemble, Rebecca Herold, risk assessment, risk management, security, shred, shredder, systems security, training, unshred
Posted in Information Security | No Comments »
Tuesday, October 22nd, 2013
Compliance, like much of life, takes ongoing effort
Okay, folks. Time for a reality check for what data protection compliance involves.
You know what’s often tedious and hard? Well, a lot of things in life. (more…)
Tags:awareness, BA, BAA, breach, business associate, CE, compliance, covered entity, data protection, HIPAA, HITECH, IBM, Information Security, information technology, infosec, IT security, midmarket, non-compliance, Omnibus, personal information identifier, personal information item, PHI, PII, policies, privacy, privacy breach, privacy laws, privacy professor, privacyprof, Rebecca Herold, risk assessment, risk management, security, systems security, training
Posted in Laws & Regulations, Privacy and Compliance | No Comments »
Tuesday, October 1st, 2013
“Sometimes I feel like…somebody’s watching me! And I have no privacy!”
(The Rockwell hit from…quite appropriately…1984.)
Each day, we are tracked by the ‘smart’ systems, mobile apps, personal communication devices and other surveillance platforms that have become commonplace in our daily lives. In an effort to educate more people, and businesses, about the data trails they are leaving behind (and the companies, data bureaus and marketers who are sniffing out that trail), I created this new infographic (more…)
Tags:awareness, big data, breach, compliance, data protection, encrypt, encryption, IBM, Information Security, information technology, infosec, Internet of Things, IT security, midmarket, monitoring, NIST, non-compliance, NSA, personal information identifier, personal information item, PHI, PII, policies, privacy, privacy breach, privacy laws, privacy professor, privacyprof, Rebecca Herold, risk assessment, risk management, security, social network, surveillance, systems security, training
Posted in Miscellaneous, privacy | No Comments »
