ISL | Security Compliance

HIPAA In Court & Bogus HIPAA "Certifications"

Rebecca Herold — Mon, 1 Sep 2008 09:57:37 +1000

HIPAA enforcement within the U.S. officially got underway with the first sanction applied the the Department of Health and Human Resources (HHS) in July; I blogged about it here.

The Need For Information Security & Privacy Training & Awareness

Rebecca Herold — Tue, 1 Jul 2008 23:27:05 +1000

U.S. HIPAA (Non)Enforcement's Bigger Hammer

Rebecca Herold — Sun, 18 May 2008 04:07:05 +1000

Last fall the U.S. Department of Health and Human Services (HHS) contracted the help of Pricewaterhouse Coopers (PwC) to start doing HIPAA compliance audits for them.

Trust Is Not A Control

Rebecca Herold — Thu, 3 Apr 2008 04:12:01 +1100

Trust is very important to successful business. Trust is a result of validated reliance upon another person or entity.

Trust is NOT a control.

The U.S. FTC Is Losing A Great Privacy Watchdog

Rebecca Herold — Tue, 11 Mar 2008 00:51:29 +1100

I was surprised to see an announcement from February 28 that U.S. Federal Trade Commission (FTC) Chairman Deborah Platt Majoras is leaving the FTC at the end of March.

The Great Managed Perimeter Security Services Swindle

Drazen Drazic — Thu, 14 Feb 2008 09:40:58 +1100

Maybe that is too harsh a title to describe most "managed services" provided by vendors to clients....maybe not?! The question needs to be asked though. When is the last time a client seriously looked at what they were getting for their large investment and asked some questions of the vendor and most importantly of themselves.

Good Compliance Practices - Ignorance is No Longer Bliss

Drazen Drazic — Wed, 19 Sep 2007 11:27:06 +1000

If the Payment Card Industry Data Security Standard (PCI DSS) has done one thing, it’s been to highlight that there are such things as basic, good security practices.