Archive for the ‘Compliance’ Category

Over the last year we have seen a dramatic rise in the number of data breaches being reported to the ICO under the General Data Protection Regulation (GDPR). Since the GDPR took effect in May of 2018, it seems that awareness of cybersecurity issues and the obligations organizations have to report breaches has increased. We can see that this increase is reflected in the statistics. The Irish Data Protection Commission …

A recent Forrester report titled “Security Through Simplicity” surveyed 481 IT security decision makers regarding their GDPR readiness. Surprisingly, according to the study, most of the organizations surveyed had not carried out fundamental steps towards GDPR compliance. A small caveat here. The December study was commissioned in August but wasn’t completed until September – well after the GDPR had come into place on May 25th. There are no excuses as …

The “Right to be Forgotten” (RTBF) may be a much-talked-about feature of the EU General Data Protection Regulation (GDPR), but it actually existed long before this regulation came into being. Essentially, the RTBF acts as a set of rights given to the consumer regarding how their personal data is being held by an organization (“controller”). Consumers can ask controllers for their data to be removed and the controller …

We talk a lot about compliance when we speak to prospects looking to improve their data security. It’s an important part of security in terms of setting some standards, processes, practices and technologies for data security. However, most compliance regulations are either too basic or too pigeon-holed to fully address data security concerns, especially in today’s evolving threat landscape. Being compliant is important as it gives you a good base …

This is a quick guide to the Health Insurance Portability and Accountability Act (HIPAA) and how you can become HIPAA compliant. We will take you through a short definition of HIPAA compliance, as well as go through the data security-related fundamentals of this compliance requirement. What is HIPAA Compliance? So, the first thing you might be asking yourself is: what is HIPAA compliance? The Health Insurance Portability and Accountability Act …

Protected Health Information (PHI) is any data that is handled by a health care service provider, whether a Covered Entity (CE) or Business Associate (BA), that relates to the physical or mental health of an individual in some way. Any US organization that handles PHI is required to comply with HIPAA (Health Insurance Portability and Accountability Act of 1996). Below are some tips to help organizations achieve compliance with HIPAA …

Now that most of us are back to work as normal and have just about got over the New Year’s Eve hangover, it’s time to take a look at everyone’s favourite topic: compliance! All jokes aside, the compliance landscape is looking particularly interesting heading into 2019, and organizations of all shapes and sizes will have to pay attention if they want to avoid being demonized by the press and …

Compliance mandates are (intentionally) stringent and difficult to meet. The reason behind this is to force organizations to apply the strictest data security policies to ensure that customer data is secure. The Health Insurance Portability and Accountability Act (HIPAA) is no exception to this rule. In many ways, due to the evolving use of technology in the healthcare industry, HIPAA compliance is becoming harder to meet. The advent of wearable …

The GDPR, which came into effect in May this year, has been off to a slow start, it would seem. As it stands, the largest fine issued by the Information Commissioner’s Office (ICO) was £500,000. Although Facebook came under a lot of fire over the data breach where Cambridge Analytica scraped the personal information of more than 50 million Facebook users, this happened before the GDPR came into effect. Even …

Microsoft have secretly been collecting data on how people in the EU are using their Office products and sending it over to servers in the USA for storage, according to a report by the Dutch government. Even those with a rudimentary understanding of the GDPR can see that this is a flagrant breach of the regulations and could potentially lead to huge, multi-million-dollar fines. Basically, Microsoft were collecting diagnostic data …