Heavily regulated industries like banking and healthcare have been reluctant to make the virtualized leap to the cloud, fearing a loss of control could open them to unforeseen risk. Are their concerns unfounded?
Take a look at the contract that the Department of Health and Human Services entered with KPMG to conduct HIPAA compliance audits and you'll get a few insights on what healthcare organizations can expect.
While it's good to see more privacy and security details included in the final version of the Federal Health IT Strategic Plan, much work remains to ensure patient information is protected when it's exchanged.
The PCI Security Standards Council's new guidance for tokenization offers clarification and recommendations for merchants struggling to determine which tokenization solution is best, especially where compliance with the Payment Card Industry Data Security Standard is concerned.
Bob Russo says the long-awaited PCI guidance on tokenization should provide merchants with a baseline for standardization and best practices, and serve as a roadmap for how tokenization can complement compliance with the PCI-DSS.