HIPAA Compliance: A Guide to Meeting HIPAA Requirements

This is a quick guide to the Health Insurance Portability and Accountability Act (HIPAA) and how you can become HIPAA compliant this year. We will take you through a short definition of HIPAA compliance and go through the data-security fundamentals of this compliance requirement. What is HIPAA compliance? The first thing you might be asking yourself is: what is HIPAA …

What is an information security policy?

An information security policy is a set of instructions that an organisation gives its staff to help them prevent data breaches. Employees are involved in many of the most common causes of security incidents, whether directly (such as accidental breaches) or indirectly (such as phishing scams), so thorough guidelines are essential. How do you create information security policies? Your …

Podcast – 12 Years Later: How the TJX Hack Changed Security and Compliance

In this episode of Defrag This, we’re taking a look back at one of the most monumental events in hacker history—the 2007 hack of TJX companies, which was, at the time, the biggest breach of consumer data in the history of the United States. …

GDPR-compliant organisations reaping the benefits, study finds

Organisations that meet the requirements of the GDPR (General Data Protection Regulation) experience a wide variety of benefits, according to a new Cisco report. The 2019 Data Privacy Benchmark Study demonstrates that GDPR compliance makes organisations less susceptible to data breaches, as you’d expect, but it also streamlines business processes and helps win …

12 Tips for Protecting PHI

Protected Health Information (PHI) is any data handled by a health care service provider, whether a Covered Entity (CE) or Business Associate (BA), that relates in some way to the physical or mental health of an individual. Any US organization that handles PHI is required to comply with HIPAA (the Health Insurance Portability and Accountability Act of 1996). Below are some tips to help …

Podcast: The State of Brexit and the GDPR in 2019

With Brexit in limbo and the GDPR already handing out fines to companies in noncompliance, companies that operate within the EU and UK are left with few details on how to navigate the minefield that is compliance. To help, we talked to a lawyer who is an expert in GDPR compliance to learn more about how the GDPR is shaping up. …

Privileged Access Management Compliance Through the Eyes of an Auditor

Compliance audits are a stressful, time-consuming effort for many companies. In the Lockdown blog, we often talk about the tools and processes customers use to prepare for both internal and external information security audits. This time we thought we’d turn the tables and speak directly to an auditor to hear his perspective. In this post, auditor and Information Security Specialist Edgar …

Three Major Ways the Compliance Landscape Will Evolve in 2019

Now that most of us are back to work as normal and have just about got over the New Year’s Eve hangover, it’s time to take a look at everyone’s favourite topic: compliance! All jokes aside, the compliance landscape is looking particularly interesting heading into 2019, and organizations of all shapes and sizes will have to pay attention if they want to avoid being demonized by the press and …

How HIPAA Affects the Newest Healthcare Trends

Compliance mandates are (intentionally) stringent and difficult to meet. The reason for this is to force organizations to apply the strictest data security policies to ensure that customer data is secure. The Health Insurance Portability and Accountability Act (HIPAA) is no exception to this rule. In many ways, due to the evolving use of technology in the healthcare industry, HIPAA …

Should You be Concerned About GDPR Fines?

The GDPR, which came into effect in May this year, has been off to a slow start, it would seem. As it stands, the largest fine issued by the Information Commissioner’s Office (ICO) was £500,000. Although Facebook came under a lot of fire over the data breach in which Cambridge Analytica scraped the personal information of more than 50 million Facebook users, this happened before the GDPR came into …