In January of 2021, the Department of Health and Human Services issued an amendment to the Health Information Technology for Economic Clinical Health (HITECH) Act regarding certain security practices of covered entities and business associates. They define adequate security practices as “standards, guidelines, best practices, methodologies, procedures, and processes developed under section 2(c)(15) of the National Institute of Standards and Technology Act, the approaches promulgated under section 405(d) of the Cybersecurity Act of 2015, and other programs and processes that address cybersecurity and that are developed, recognized, or promulgated through regulations under other statutory authorities.”
(Article originally published on BloombergLaw.com)
The Asia-Pacific Economic Cooperation is set to boost the status of its Cross-Border Privacy Rules program in the U.S.
As global cyberattacks become more common, organizations are fine tuning, or even implementing, a cybersecurity risk management program — and there is no better way to validate your cybersecurity risk management program than with an independent validation.
The CSA recently announced that the STAR Program will now allow a one-time, first-year only, Type 1 STAR Attestation report. What is a Type 1 versus Type 2 examination and what are the benefits for starting with a Type 1 examination?
Your customers and potential customers share data with you every day. Whether it’s an email address or more in-depth information like a shipping address or credit card information, they expect you to protect what they share.
Identifying changes that must be made is the easy part. Managing those changes successfully—not so simple! Organizations today need to be extraordinary at adapting to or influencing changes in technology, policy, and procedure. Those who adjust well aren’t phased by the fast pace of the market or the constant evolutions in technology and security standards. Those who struggle with change constantly operate in a reactive state, and fail to properly strategize their business moves.