Any organization that deals with credit card information must secure payment card data in accordance with PCI standards.
Merchants and service providers are required to validate compliance by assessing their environment against 12 major control categories applicable to applications and data in the data center and the...
Federal regulators, in their latest HIPAA settlement, are again reminding healthcare entities about the importance of having business associate agreements with vendors that handle patients' protected health information.
New York has become the first US state to issue its own set of cybersecurity rules for financial institutions. What is the potential impact on other states, other industry sectors? Paul Bowen of Arbor Networks shares insight.
What should healthcare entities and business associates expect when faced with a data breach investigation or compliance audit by federal regulators? Attorney Marti Arvin discusses the do's and don'ts.
Too many businesses assume that the internet will be around forever, but that's faulty thinking and an impractical business practice, says Information Security Forum's Steve Durbin, a featured speaker at Information Security Media Group's Fraud and Breach Prevention Summit in Atlanta this month.
Over the past year, fines levied by various regulatory agencies against breached entities have helped to shape and clarify what cybersecurity attorney Joseph Burton calls the cybersecurity standard of care - a standard for reasonable security that courts will turn to when determining liability and fault in the wake of...
The pressure is on for all industries to upgrade their cyber-protection policies. New York is the first state to initiate a 180-day grace period for all financial services companies to upgrade both cyber policies and protection. As New York's new cyber mandates roll out, other states and industries will likely follow....
The Trump administration has named Roger Severino as the new director of the Department of Health and Human Services' Office for Civil Rights, which enforces HIPAA and protects patients rights. Meanwhile, it remains unclear who will lead the Office of the National Coordinator for Health IT.
High-pressure. Fast-paced. Threats coming from all directions. The battle against payment fraud isn't unlike the game of basketball. Wire fraud and ACH fraud are on the rise, and financial institutions cannot be slow on the defense - to win, they must detect fraud in real-time.
Banking channels through which...
An important theme that emerges from the HHS Office for Civil Rights' dozens of HIPAA settlements is that all aspects of compliance are critical and subject to close scrutiny by federal regulators, says former OCR director Leon Rodriguez.
The European Union's General Data Protection Regulation, which will be enforced beginning in May 2018, will affect organizations throughout the world because it applies to any company that handles Europeans' personal data, says Fred Kost of HyTrust.
Easy Solutions' Ricardo Villadiego addresses how the digital revolution, millennials and the widespread use of online communications affect financial fraud.
In this transcript from his video interview at RSA Conference 2017, Villadiego:
Explains why banks are not proactive when it comes to fraud protection;...
Plans to launch some onsite HIPAA compliance audits are now on hold while the agency that enforces HIPAA completes more than 200 desk audit reports, says Deven McGraw, deputy director of the Department of Health and Human Services' Office for Civil Rights.