What was this worker for a healthcare provider thinking…didn’t/doesn’t the provider provide any kind of information security or privacy training or awareness communications…?
Archive for the ‘Laws & Regulations’ Category
HIPAA Violation: Healthcare Worker Writes About Patients On MySpace
Thursday, December 4th, 2008
An SMB PCI DSS Learning Opportunity
Tuesday, December 2nd, 2008
{Wow…love a chance to use 3 initializations in a row… 🙂 }
Over the past week I have been getting my holiday shopping done, almost entirely online. I love to find unique stores, often small and medium sized businesses (SMBs) with interesting items, and I found one small store in Florida that makes some great, creative photo items at a reasonable price. Their online site was a little hard to navigate, though, so I spent a little time doing a bit of research about the store. They have been around since the 1980s, and I could find no complaints about them. Their order form encrypted the input, but it was hard to figure out how to fill it in; I couldn’t get more than one photo uploaded to order more than one ornament, coffee mug, etc., at one time…
Are Cybercriminals Willing To Risk Death?
Friday, November 28th, 2008
Whoa…here’s what should be a good cybercrime deterrent…
France Performing Audits To Check For Spam
Thursday, November 20th, 2008
While doing some research on data protection laws in France, I found it interesting to learn that this past September the French data protection authority (CNIL) started auditing businesses to check for unlawful spam operations.
CMS Gets Heat Over Not Actively Enforcing HIPAA
Tuesday, November 18th, 2008
To date the Centers for Medicare and Medicaid Services (CMS) has not actively pursued HIPAA Security Rule compliance. Instead they have depended upon complaints to drive their investigations. However, as this article nicely points out, depending upon patients and healthcare workers to complain about problems leaves MANY HIPAA non-compliance issues…including significant information security and privacy vulnerabilities…dangerously unknown…
Example Of How Many Healthcare Providers Do Not Understand HIPAA
Wednesday, November 12th, 2008
HIPAA is misunderstood by many personnel who work for healthcare providers; probably because they do not receive effective or good training about HIPAA. Here is a good example of how healthcare providers inappropriately withhold information in the name of HIPAA…
U.S. Do Not Call Registry Accuracy
Tuesday, November 11th, 2008
The “Do-Not-Call Improvement Act of 2007 Report to Congress: Regarding the Accuracy of the Do Not Call Registry” was just released a few days ago.
I found the following excerpt interesting…
New Examiner Instructions From The OTS For Red Flags Rule Enforcement
Monday, November 3rd, 2008
Organizations that are covered by regulations will do themselves a free compliance favor by reading…and knowing…what the examiners will be looking for when they visit to do their compliance audits.
FTC Postpones Active Red Flags Rule Enforcement To May 1, 2009
Thursday, October 23rd, 2008
I was surprised to read this yesterday…