The Department of Defense is not about to compromise on cybersecurity. In January 2020 it released its Cybersecurity Maturity Model Certification (CMMC) to “enhance the protection of controlled unclassified information.” … Continue reading
Healthcare networks took a beating last year. As they tighten security, attackers will look for new ways to steal health data – and lawyers may be the next target.
See research showing that many law firms who should comply with HIPAA don't. You will also see how you can use this trend to help protect your clients and win new ones.Continue reading
HIPAA is huge and confusing. The regulations are so massive that few people can point to a document and say “this is HIPAA.”
But if you’re an IT service provider, we have narrowed down the parts of HIPAA that matter to you. You can see them in this document. The text in this PDF comes straight from the Code of Federal Regulations, the only official source of the HIPAA guidelines.Continue reading
The last two years have been filled with news reports about major data breaches. First, we heard about millions of records compromised at retailers like Target and Home Depot. Now major healthcare organizations are getting hit.
Why is this happening? In this post, see four top reasons why healthcare networks are a major target for data breaches, and why the criminals seem to be winning the war.Continue reading
A data breach can bring a long list of expenses, and among them is often “damage to reputation.” But do your healthcare clients believe this? Will their reputations be harmed after a breach?
Yes -- HIPAA almost guarantees it.
See how HIPAA forces organizations to spend time and money marketing against themselves after a breach. Show your clients to convince them the threat to their business is real.Continue reading
HIPAA is huge. Out of its hundreds of pages, only a small portion apply to IT. How do you find the rules that matter?
The most important section of HIPAA for IT is the Security Rule. Even within this portion there is a ton of irrelevant information. In this post, we cut through the clutter and show you the parts of HIPAA that affect IT most.Continue reading
Did you think you crossed the PCI DSS finish line? Unfortunately , the rules have changed. Only a few months after the Jan. 1 deadline to comply with PCI DSS 3.0, the PCI Council released a new version and said it was effective immediately.
In this post, see the changes in the new PCI DSS 3.1. You’ll see the requirements most affected by the update and why you may need a “risk mitigation and migration” plan to stay compliant.Continue reading