The FTC has once more announced a delayed enforcement of the Red Flags Rule to August 1, 2009…
Archive for the ‘Information Security’ Category
Red Flags Rule Enforcement Delayed to August 1, 2009; FTC Providing a Compliance “Template”
Friday, May 1st, 2009HIPAA & HITECH Act Sanctions & Penalties
Tuesday, April 28th, 2009Today I had the great pleasure and opportunity to do a podcast with Alexander Howard over at TechTarget discussing HIPAA and the HITECH Act…
Community Information Security and Privacy Awareness
Monday, April 27th, 2009Today I read a nice article describing a presentation about information security, “Cyber safety tips shared“…
My Son Caught A “Hacker”!
Thursday, April 23rd, 2009NOTE: Just realized today is Take Your Child To Work Day so this is timely! 🙂
My sons, 12-years-old and 9-years-old, have been with me a lot while I work in my home office over the years, and they have a strong interest in much that I do. I even ask them to read the articles I write for Protecting Information since I want that publication to be informational to not only personnel, but also all the personnel’s family members.
It amazes me how much my sons soak up that I’m not even aware of…
2 More Things In History That Could Have Improved Infosec & Privacy
Wednesday, April 22nd, 2009Late last week I blogged about a question I got while at InfoTec in Omaha last week, “2 Things In Computing History That Could Have Improved Information Security and Privacy“…
Breach Notices, Securing PHI & PHR Vendor Responsibilities Under HIPAA/HITECH Act
Tuesday, April 21st, 2009Last Friday the US Department of Health and Human Services (HHS) released, at the last possible moment to meet their deadline, their interim final regulations to require covered entities (CEs) under the Health Insurance Portability and Accountability Act (HIPAA) and their business associates (BAs) to provide for notification in the case of breaches of unsecured protected health information (PHI) as required by the HITECH Act.
If you’ve read any of the at least 47 U.S. state and territory beach notice laws you will get a strong sense of deja vu while reading this document. They borrowed HEAVILY from the various existing breach notice laws to estblished their proposed definitions of securing PHI, what constitutes a “breach” of PHI, and for doing breach notifications.
There are two major issues…
2 Things In Computing History That Could Have Improved Information Security and Privacy
Friday, April 17th, 2009This past Wednesday I gave a session at Infosec09 in Omaha, Nebraska.
What a great event and venue! If you get a chance to attend next year, I highly encourage you to do so.
2 Things In Computing History That Could Have Improved Information Security and Privacy
Friday, April 17th, 2009This past Wednesday I gave a session at Infosec09 in Omaha, Nebraska.
What a great event and venue! If you get a chance to attend next year, I highly encourage you to do so.
“Secure Your ID Day” is April 18
Tuesday, April 14th, 2009I’m in Omaha to speak tomorrow at the Infotec09 conference and I heard on the local news that “Secure Your ID Day” is April 18…
“Secure Your ID Day” is April 18
Tuesday, April 14th, 2009I’m in Omaha to speak tomorrow at the Infotec09 conference and I heard on the local news that “Secure Your ID Day” is April 18…
