Washington has become the third state to pass legislation incorporating the Payment Card Industry Data Security Standard (PCI) to help financial institutions recover costs from credit/debit card breaches.
The National Institute of Standards and Technology has issued guidance on how organizations should protect the confidentiality of personally identifiable information, or PII: SP 800-122, Guide to Protecting the Confidentiality of Personally Identifiable Information.
Everyone is talking about cloud computing these days - but are they having the right conversations?
H. Peet Rapp is an information security auditor who sits on ISACA's Cloud Computing Work Group, and he's co-author of the white paper Cloud Computing: Business Benefits With Security, Governance and Assurance...
The Department of Health and Human Services raised some eyebrows with its announcement that it will pay $26 million to Ketchum Inc. for a public education campaign about the privacy and security of electronic health records and related topics. Some consumer advocates are questioning the selection of Ketchum, given its...
When it comes to keeping healthcare information private and secure, hospitals that focus primarily on regulatory compliance are making a huge mistake, says Sharon Finney, corporate data security officer for the 37-hospital Adventist Health System.
The topic has been discussed for years, but now truly is the time for organizations to invest in federated identity management.
So says Tom Smedinghoff, partner at Chicago-based law firm Wildman Harrold. In an exclusive interview, Smedinghoff discusses:
What's new about federated ID management;
Getting senior executives involved early and making sure they understand the organization's security vulnerabilities are two vital steps in any risk management initiative, says consultant Mark Ford of Deloitte.
In an interview, Ford offers advice on how to:
Win the support of senior executives as well as boards...