Tag: IT compliance
December 1, 2023
Data Classification for Compliance with PCI DSS, NIST, HIPAA and More
Data classification is essential for achieving, maintaining and proving compliance with a wide range of regulations and standards. For example, PCI DSS, HIPAA, SOX and GDPR all have different purposes and requirements, but data classification is necessary for compliance with all of them — after...
March 17, 2022
File Integrity Monitoring for PCI DSS Compliance
File integrity monitoring (FIM) is essential for securing data and meeting compliance regulations. In particular, the Payment Card Industry Data Security Standard (PCI DSS) requires organizations to use FIM to help secure their business systems against card data theft by detecting changes to...
October 21, 2021
How to Comply with GDPR: Key 10 Steps
The General Data Protection Regulation (GDPR) is designed to protect the personal data of EU residents by regulating how that information is collected, stored, processed and destroyed. The data security and privacy law applies to all organizations that collect the personal data of European Union...
January 4, 2021
What Is HIPAA Compliance: Guidelines for Becoming Compliant
HIPAA compliance requires healthcare providers and their business associates to safeguard protected health information (PHI) through privacy and security rules, risk assessments, and breach notifications. Covered entities must implement administrative, technical, and physical safeguards, including...
December 21, 2020
Compliance Tools: Choosing the Right Solutions
Compliance tools automate and streamline the processes organizations need to meet regulatory requirements like GDPR, HIPAA, and ISO 27001. General-purpose solutions include auditing, data classification, and GRC platforms, while specialized tools address needs such as consent management or DSARs....
August 13, 2020
Most Popular HIPAA-Compliant Cloud Storage Services
Healthcare organizations must ensure cloud storage services comply with HIPAA by securing electronic protected health information (ePHI) through encryption, access controls, activity monitoring, and data classification. Providers like Microsoft OneDrive, Google Drive, Dropbox Business, and Box...
April 9, 2020
IT Security Audits: The Key to Success
An IT security audit is a comprehensive examination and assessment of your enterprise’s information security system. Conducting regular audits can help you identify weak spots and vulnerabilities in your IT infrastructure, verify your security controls, ensure regulatory compliance, and...
March 27, 2020
Does GDPR Compliance Apply to US Companies?
In May of 2018, the European Union enacted one of the world’s strictest sets of rules for personal data protection. The formal name of this legislation is the General Data Protection Regulation, but it is more commonly known as the GDPR.
The GDPR regulates personal data, which is defined as any...
March 3, 2020
Guide to GDPR Compliance for Small Business
Is your organization compliant with the GDPR? Does it need to be?
Too many small businesses in the United States don’t know the answer to those questions. It’s understandable, especially considering that the GDPR is a European law. Plenty of US businesses assume that they don’t need to...
February 27, 2020
Privacy Regulations Changing the Face of Cybersecurity
The regulatory climate around the world is changing rapidly. Scores of new regulations, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA) and similar laws in other U.S. states, are being enacted in response to growing concerns about privacy and...