Posts Tagged ‘FINRA’
Friday, May 31st, 2013
Last week one of my Compliance Helper clients that is a health insurance company asked me the following question (slightly modified to protect their identity):
For the past two years, we have tried to get business associate (BA) Agreements from some of our BAs. They will not (more…)
Wednesday, May 1st, 2013
A new data breach research report is out, and it is a good read. This is the annual Experian/Ponemon Institute “Is Your Company Ready for a Big Data Breach?” report. I want to focus on one of the findings in that report: that most organizations are not willing to assist those affected by a breach of their personal information.
Monday, April 29th, 2013
Allowing Wall Street privacy law exemption is crazy! Why, you ask? Why, I’m happy to explain. In March, 2012, I wrote “6 Good Reasons NOT To Ask for Facebook Passwords”. Since that time legislation prohibiting employers from requiring access to their employees’ protected areas of their social media accounts has been introduced or is pending in at least 35 states. Three states–Arkansas, New Mexico and (more…)