Health IT departments are looking to make big investments in 2015. If you know their plans and concerns, you can beat the competition and offer the services your clients want most.
Find out how health IT departments are planning to spend their technology budgets this year. You’ll see why security is a major priority, and how mobile technology is predicted to continue expanding.
PCI compliance is rising across the industry, but did you know that four out of five organizations that achieve compliance fail an assessment less than a year later? That finding and more comes from Verizon’s 2015 PCI Compliance Report.
In this post, see which PCI requirements are most correlated with having a data breach. You’ll also see why we expect a rise in card-not-present fraud and why maintaining compliance is so difficult.
The deadline to comply with PCI DSS 3.0 passed on Jan 1. But even if it were pushed back until June, many merchants would still be struggling to comply with the older 2.0 rules.
See highlights of a sneak preview of Verizon's 2015 compliance report. You'll see how many merchants maintain compliance after they are verified (fewer than you think) and the two most problematic areas they struggle with.
The HIPAA regulations have not changed recently, but their impact and application in healthcare change constantly.
Check out our predictions for HIPAA 2015. You’ll see why we think criminal attacks and enforcement will rise, and why everyone might give their business associate agreement a closer look.
HIPAA has a long list of "requirements" for IT providers -- but did you know that some of the rules are not as concrete as they seem?
See which parts of HIPAA's security rule give you some flexibility, and see just how far you can bend the rules before the cracks start to show in your compliance and security.
Healthcare IT departments are required to protect patient data under HIPAA -- but a new SANS report shows many health organizations are compromised.
Find out more about what the report calls a "compliance nightmare on the horizon" for healthcare IT security.
Pretend PCI DSS compliance is a high bar. How you handle cardholder data will determine whether you have to throw a small, light portion of your network over the bar or the whole hulking mass of it.
IT service providers can make compliance easier -- but how?
IT providers, do you have clients in healthcare? Do you handle their patient data? If yes, then you are almost certainly required to protect that data by HIPAA.
HIPAA calls this data “electronic protected health information,” or ePHI. Essentially, it is electronic information about a patient. It can be anything from a patient’s phone number to a recent diagnosis.
HIPAA requires healthcare organizations to protect this data. It also requires their “business associates” to protect it – and that includes their IT service providers.