Posts Tagged ‘policies and procedures’

« Older Entries
Newer Entries »

HITECH Act does *NOT* make HIPAA, or HIPAA advice, “obsolete”!

Monday, May 18th, 2009

A couple of weeks ago I was surprised and concerned by a statement made in one of my many listservs by a lawyer commenting on HIPAA books and past advice given for HIPAA compliance…

(more…)

Tags:, , , , , , , , , ,
Posted in Information Security, Laws & Regulations, Privacy and Compliance | No Comments »

Secure360 Starts Tomorrow!

Monday, May 11th, 2009

I drove up to St. Paul, MN, today and will be speaking, and look forward to attending the sessions, at Secure360.

(more…)

Tags:, , , , , , ,
Posted in Training & awareness | No Comments »

Regulatory Requirements for Training and Awareness

Thursday, May 7th, 2009

Today I had a great conversation with a CISO about the regulatory and legal requirements for organizations to provide information security and privacy training and awareness activities…

(more…)

Tags:, , , , , , ,
Posted in Training & awareness | No Comments »

Podcast: HITECH Act adds new compliance requirements, penalties

Wednesday, May 6th, 2009

Last week I had the pleasure of speaking with Alexander B. Howard at SearchCompliance.com for a 26 minute podcast…

(more…)

Tags:, , , , , , , , ,
Posted in Information Security, Laws & Regulations, Privacy and Compliance | No Comments »

Understanding Data Protection from 4 Critical Perspectives

Tuesday, May 5th, 2009

Today I gave a webcast (27 minutes) about “Understanding Data Protection from 4 Critical Perspectives” and it is now available online through this link

(more…)

Tags:, , , , , , , ,
Posted in Information Security, Training & awareness | No Comments »

IP Addresses Are Considered PII By Some Countries No Matter If U.S. Orgs Like It Or Not

Monday, May 4th, 2009

Today on Twitter, @clarinette02 posted a link to an interesting article, “IP Addresses Are Personal Data, E.U. Regulator Says,” from a little over a year ago…

(more…)

Tags:, , , , , , , , ,
Posted in Laws & Regulations, Privacy and Compliance | No Comments »

Red Flags Rule Enforcement Delayed to August 1, 2009; FTC Providing a Compliance “Template”

Friday, May 1st, 2009

The FTC has once more announced a delayed enforcement of the Red Flags Rule to August 1, 2009

(more…)

Tags:, , , , , , , , , ,
Posted in Information Security, Laws & Regulations, Privacy and Compliance | No Comments »

Employee Rights to PII When You Leave Your Employer or Lose Your Job

Wednesday, April 29th, 2009

I often get emails from my blog and Twitter readers, many of whom I have never met before; sometimes several in a day. Many often ask for help that really is a call for free consulting help. Others are quick, short and fast for me to answer. Others are just bizarre. I answer whatever I have time for. I recently got the following question (edited to protect identities), and I think so many folks may be involved in a similar situation with all the continuing job losses that it might be useful to several folks…

(more…)

Tags:, , , , , , , ,
Posted in Laws & Regulations, Privacy and Compliance | 4 Comments »

HIPAA & HITECH Act Sanctions & Penalties

Tuesday, April 28th, 2009

Today I had the great pleasure and opportunity to do a podcast with Alexander Howard over at TechTarget discussing HIPAA and the HITECH Act…

(more…)

Tags:, , , , , , , , ,
Posted in Information Security, Laws & Regulations, Privacy and Compliance | 2 Comments »

Community Information Security and Privacy Awareness

Monday, April 27th, 2009

Today I read a nice article describing a presentation about information security, “Cyber safety tips shared“…

(more…)

Tags:, , , , , , , ,
Posted in Information Security | No Comments »

« Older Entries
Newer Entries »