Archive for the ‘Compliance’ Category

2017 saw an inordinate number of cybersecurity breaches take place, and the aim in 2018 will be to ensure that you are compliant with the many new compliance regulations coming into effect. 2017’s biggest security breaches include the Equifax breach, state-sponsored attacks, Russian manipulation of social media, WannaCry, and innumerable phishing scams. Security was compromised at every level, and something needs to change in 2018. Many CIOs and top security … Read more

GDPR requires all businesses (inside and outside the European Union) that handle EU citizens’ data to protect that data and the privacy of transactions that occur within EU member states. Non-compliance will result in hefty penalties. The regulation will set a new norm for consumer rights, but, initially, it will be challenging for companies to put the required systems and processes in place to conform. Compliance will bring new expectations for … Read more

The implementation deadline for PCI DSS 3.2 is February 1st 2018. After this date, the standard’s recommendations will no longer be simply “best practices”; they will be mandatory. The new requirements will apply to all merchants and service providers who store, process or transmit credit card payments from Visa, MasterCard, Discover and American Express. The updates introduce stronger security measures against cyber-attacks. In this article, we will … Read more

The United States has a number of different laws surrounding the protection of personal data such as HIPAA, SOX, PCI-DSS, and FTC, to name a few. Despite this, there is still a need for a centralized regulatory framework to deal with the collection, use, and dissemination of personal data. This need will soon be met once the General Data Protection Regulation (GDPR) comes into effect. The GDPR has what is … Read more

The GDPR is a new EU regulation that is due to come into force on May 25, 2018. It has turned into a hot topic in the healthcare industry as service providers prepare to meet the compliance challenge. The United States’ Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a regulation that was developed to protect the privacy and security of sensitive medical information. There are several key … Read more

Staying compliant with regulations like GDPR is essential if you want to appease that pesky auditor, but it does not guarantee full protection against data breaches. Once you have worked out how to be compliant, you will then have to turn your attention to other important factors in data protection. The reason for this is that regulations and compliance alone do not guarantee the required shift in attitude that is … Read more

2016 was a record year in terms of the number and cost of HIPAA settlements, and with 2017 coming to a close soon, not much has changed in this regard. Due to the nature of the data that healthcare companies store, providers absolutely must be transparent about how they are securing and handling it. This is essentially what HIPAA is all about. Simple, isn’t it? So why are so many … Read more

According to the Verizon 2017 payment security report, nearly half (44.6%) of companies failed to protect payment card data on an ongoing basis, leading to PCI compliance failure. Other significant compliance mandates that financial organizations have to satisfy include the Gramm-Leach-Bliley Act (GLB Act or GLBA), also known as the Financial Modernization Act of 1999, and the Sarbanes-Oxley Act (SOX) (which was enacted to protect shareholders and the general public … Read more

The countdown is almost over. Slated to come into full effect on 25th May 2018, the General Data Protection Regulation (GDPR) is a remarkable piece of legislation that will mark a fundamental shift in the approach towards data protection within Europe. The latest data from compliance specialist Alchemetrics revealed that ICO fines could increase by a staggering 4500% as a direct result of GDPR. Clearly, organizations are not yet prepared to … Read more

Understandably, organisations are feeling a growing sense of unease about the forthcoming General Data Protection Regulation (GDPR). It introduces a number of important changes to the current Data Protection Directive (DPD), such as increased territorial scope, stricter consent laws, hefty fines, breach notifications, enhanced data subject rights and specific design requirements that focus on data privacy. Additionally, many organisations will be required to appoint a Data Protection Officer (DPO) to oversee … Read more

Lepide® is a registered trademark of Lepide Software Private Limited. © Copyright 2018 Lepide Software Private Limited. All trademarks acknowledged.