Archive for the ‘Compliance’ Category

The countdown is almost over. Slated to come into full effect on 25th May 2018, the General Data Protection Regulation (GDPR) is a remarkable piece of legislation that will mark a fundamental shift in the approach towards data protection within Europe. The latest data from compliance specialist Alchemetrics revealed that ICO fines could increase a staggering 4500% as a direct result of GDPR. Clearly, organizations are not yet prepared to …

Understandably, organisations are feeling a growing sense of unease about the forthcoming General Data Protection Regulation (GDPR). It introduces a number of important changes to the current Data Protection Directive (DPD), such as increased territorial scope, stricter consent laws, hefty fines, breach notifications, enhanced data subject rights and specific design requirements that focus on data privacy. Additionally, many organisations will be required to appoint a Data Protection Officer (DPO) to oversee …

Privacy by design is a methodology that helps organisations develop projects where privacy and data protection are accounted for from the start. Privacy by design is not a requirement of the Data Protection Act, but has been included in the GDPR specification (Article 23). Instead of incorporating data security measures as an afterthought, privacy and data sharing policies should be developed during the early stages of a project. Doing so …

Any organisation that accepts and stores credit card details must comply with the PCI-DSS (Payment Card Industry Data Security Standard). The standard was introduced in an attempt to reduce the chances of credit card fraud. While most Active Directory implementations don’t store credit card details, they may still be subject to a PCI audit. Non-compliance with PCI can lead to lawsuits, fines, insurance claims, and a subsequent loss of sales …

For those who don’t know about GDPR, it stands for the General Data Protection Regulation, and is a new set of rules passed by the European Union which aim to reform the outdated and inconsistent EU Data Protection Directive. The GDPR will come into effect from May 2018 and will be applicable across all 28 EU member states. However, for those of you who believe Brexit means you won’t be …

Organizations are, quite rightly, concerned about the safety of the Electronic Protected Health Information (ePHI) of their clients and employees. Despite best efforts to secure this information, recent surveys have highlighted multiple cases in which organizations have violated HIPAA compliance mandates. In addition to attracting penalties, these violations can be damaging to reputation and expose the potentially sensitive, private information of users. It is therefore important, for a number of …

Staying on top of compliance regulations is one of the most important tasks for all organizations. IT departments of almost all organizations are always under pressure to meet changing compliance requirements. Some of the common compliance requirements under which most organizations fall are SOX, HIPAA, GLBA, PCI DSS, etc. SOX compliance was enacted to protect shareholders and the general public from the accounting errors and malpractices which could result …

Cyber-criminals are becoming more adept at stealing credit card information all the time. Organizations that handle or process card data in any capacity must take the necessary precautions to protect that data. At the very least, they should ensure they’re in compliance with the Payment Card Industry Data Security Standard (PCI DSS), developed to encourage and enhance cardholder data security across the globe. The PCI DSS defines 12 requirements that …