retention Archives -

Posts Tagged ‘retention’

What You Need to Know for Retention Compliance

Wednesday, November 20th, 2013

One of the things I love about helping all my Compliance Helper (CH) clients with their information security and privacy compliance activities is that they often ask questions that most other small and mid-size organizations also have. So, I then have a great opportunity to share advice! One of my recent conversations dealt with the challenges my mid-size client was having in trying to appropriately customize the data and records retention policy and procedure I provide through the CH service to fit his organization’s unique type of business associate service, while also meet compliance with the HIPAA retention requirements. The paraphrased questions below started our conversation after I advised that there are many types of documents that must be retained for at least 6 years to meet compliance: (more…)

Tags:21 CFR Part 11, awareness, BA, BAA, breach, business associate, CE, compliance, covered entity, data management, data protection, data retention, GLBA, HIPAA, HITECH, IBM, information management, information retention, Information Security, information technology, infosec, IT security, midmarket, non-compliance, Omnibus, personal information, personal information identifier, personal information item, PHI, PII, policies, privacy, privacy breach, privacy laws, privacy professor, privacyprof, Rebecca Herold, retain, retention, risk assessment, risk management, security, SSA, systems security, training, USA PATRIOT Act
Posted in HIPAA, Laws & Regulations | No Comments »

With New Year & New U.S. Administration, New Compliance Actions Projected

Wednesday, January 7th, 2009

The lack of effective or consistent regulatory oversight over the past 8 years, much of which is blamed in large part for the current economic mess, means, at least to many soothsayers, that a new Obama administration will bring with it not only more aggressive compliance activities, but also a fresh round of new laws and regulations, many of which are anticipated to require much more audit logging, storage and retention, and more stringent access controls.

(more…)

Tags:awareness and training, Information Security, IT compliance, IT training, logging, Obama, policies and procedures, privacy training, retention, risk management, security training, storage
Posted in government, Privacy and Compliance | No Comments »

Obscure Email Security Issues: Whitehouse Provides Lessons in Email Management Practices and Using Non-Business Email Accounts to Conduct Business

Sunday, April 15th, 2007

So much is in the news lately related to information assurance it is hard to pick which one to share my thoughts about. However, the misuse of email, managing email, and the maintenance of email systems, which I know I’ve already talked about recently, just keeps bubbling to the top of concerns.
Throughout last week and over the weekend while watching the news programs, listening to the political pundits, and reading various news magazines there has been much talk about how perhaps millions of Whitehouse emails have seemed to have vanished, along with discussion about the use of non-Whitehouse systems for Whitehouse business emails.

(more…)

Tags:awareness and training, data leakage, data loss, e-mail, email, Information Security, IT compliance, policies and procedures, privacy, regulatory compliance, retention, risk management, whitehouse
Posted in Information Security, Laws & Regulations, Privacy and Compliance | No Comments »

Posts Tagged ‘retention’

What You Need to Know for Retention Compliance

With New Year & New U.S. Administration, New Compliance Actions Projected

Obscure Email Security Issues: Whitehouse Provides Lessons in Email Management Practices and Using Non-Business Email Accounts to Conduct Business

Search Privacyguidance

Categories

Archives

Blogroll

Meta

Syndicate