Archive for the ‘Compliance’ Category

Government sector CIOs are under mounting pressure to stay up-to-date with an ever-changing security threat landscape. With the rise of hacktivism over the last few years, attacks have been more creative in their approach. The recent growth in government data breaches is proof that common cybersecurity measures are becoming increasingly ineffective against modern cyber-attacks. Back in 2016, the U.S. presidential election was impacted by substantial cyber threat activity, most notably …

Staying compliant with regulations like GDPR is essential if you want to appease that pesky auditor, but it does not guarantee full protection against data breaches. Once you have worked out how to be compliant, you will then have to turn your attention to other important factors in data protection. The reason for this is that regulations and compliance alone do not guarantee the required shift in attitude that is …

2016 was a record year in terms of the number and cost of HIPAA settlements, and with 2017 coming to a close soon, not much has changed in this regard. Due to the nature of the data that healthcare companies store, providers absolutely must be transparent about how they are securing and handling it. This is essentially what HIPAA is all about. Simple, isn’t it? So why are so many …

According to the Verizon 2017 payment security report, nearly half (44.6%) of companies failed to protect payment card data on an ongoing basis, leading to PCI compliance failure. Other significant compliance mandates that financial organizations have to satisfy include the Gramm-Leach-Bliley Act (GLB Act or GLBA), also known as the Financial Modernization Act of 1999, and the Sarbanes-Oxley Act (SOX) (which was enacted to protect shareholders and the general public …

The countdown is almost over. Slated to come into full effect on 25th May 2018, the General Data Protection Regulation (GDPR) is a remarkable piece of legislation that will mark a fundamental shift in the approach towards data protection within Europe. The latest data from compliance specialist Alchemetrics revealed that ICO fines could increase a staggering 4500% as a direct result of GDPR. Clearly, organizations are not yet prepared to …

Understandably, organisations are feeling a growing sense of unease about the forthcoming General Data Protection Regulation (GDPR). It introduces a number of important changes to the current Data Protection Directive (DPD), such as increased territorial scope, stricter consent laws, hefty fines, breach notifications, enhanced data subject rights and specific design requirements that focus on data privacy. Additionally, many organisations will be required to appoint a Data Protection Officer (DPO) to oversee …

Privacy by design is a methodology that helps organisations develop projects where privacy and data protection are accounted for from the start. Privacy by design is not a requirement of the Data Protection Act, but has been included in the GDPR specification (Article 23). Instead of incorporating data security measures as an afterthought, privacy and data sharing policies should be developed during the early stages of a project. Doing so …

The GDPR is an EU regulation that will come into effect from 25 May 2018. The new directive aims to ensure that organisations have policies and procedures put in place to protect the data of EU citizens. Below is a checklist that is designed to assist organisations in complying with the GDPR. Awareness: All employees, whether they are IT staff, executives, general administrators, consultants, sales and marketing executives, human resource …

Any organisation that accepts and stores credit card details must comply with the PCI-DSS (Payment Card Industry Data Security Standard). The standard was introduced in an attempt to reduce the chances of credit card fraud. While most Active Directory implementations don’t store credit card details, they may still be subject to a PCI audit. Non-compliance with PCI can lead to lawsuits, fines, insurance claims, and a subsequent loss of sales …

For those who don’t know about GDPR, it stands for the General Data Protection Regulation, and is a new set of rules passed by the European Union which aim to reform the outdated and inconsistent EU Data Protection Directive. The GDPR will come into effect from May 2018 and will be applicable across all 28 EU member states. However, for those of you that believe Brexit means you won’t be …

Lepide® is a Registered Trademark of Lepide Software Private Limited. © Copyright 2017 Lepide Software Private Limited. All Trademarks Acknowledged.