A couple of days ago I published my monthly Privacy Professor Tips message, “Summer Break-in.” I provide these tips free to anyone who wants to sign up for it on my web site and fills out one of the boxes that says, (more…)
Posts Tagged ‘compliance’
Don’t Let School Break Be A Privacy Break-In!
Friday, June 3rd, 2011Yes, Automating Compliance Activities Can Improve Security…If Done Correctly!
Tuesday, March 8th, 2011I participate in the Focus network and tried to answer the following question from “Caty” on their discussion board:
“How can compliance automation help secure my organization’s IT infrastructure?” Please describe the benefits of compliance automation and discuss how it can be used to secure an organization’s IT infrastructure.
However, after trying to submit my response in around half a dozen ways, I was told my answer was too long. Instead of shaving off some of my content, I decided to post here to my blog, and then point to here from there. Perhaps my other blog readers will be interested in my thoughts on this topic as well.
So, here is my answer… (more…)
HIPAA/HITECH Final Rule Set To Be Published in March
Tuesday, January 4th, 2011On December 20, 2010, the U.S. federal government published “Part II: Regulatory Information Service Center: Introduction to The Regulatory Plan and the Unified Agenda of Federal Regulatory and Deregulatory Actions.” If you are a healthcare Covered Entity (CE), Business Associate (BA) or BA subcontractor, as defined under HIPAA and HITECH, this should be of interest to you. Why? Because within it is the long-awaited Department of Health and Human Services (HHS) timeline for when they would publish the final rule of the Notice of Proposed Rule Making (NPRM) that came out in July, 2010. The date? Well, (more…)
Reining In Mobile Computing Risks
Sunday, October 3rd, 2010As demonstrated over and over again over the past several years, mobile computing devices and storage media present a huge risk to business and personal information. Because of the portability of these devices, organizations are basically entrusting the security of the information stored upon them into the hands of the people using them. It is vital that an effective mobile computing device and storage media security and privacy management program is in place.
A mobile computing device and storage media security and privacy management program should be able to answer the questions: (more…)
Security and Privacy: Trends, Tools and Techniques
Wednesday, August 12th, 2009I’m in Houston this week giving my class “Security and Privacy: Trends, Tools and Techniques.”
New Online Behavioral Advertising Principles: Self Regulation Does Not Mean Less Scrutiny By The FTC!
Monday, February 16th, 2009On February 12 the U.S. Federal Trade Commission (FTC), the most actively aggressive oversight agency in the U.S. with regard to enforcing privacy protections, released new behavioral advertising principles…
Cloudy Privacy Computing
Sunday, February 15th, 2009Cloud computing is an attractive, low-cost means of collaboration. But have you considered the risks involved with placing documents with PII “in the cloud”?
The monthly column I wrote for the December 2008 CSI Alert was, “Cloudy Privacy Computing.” Here’s the first section…
