OFAC Sanctions Cryptocurrency Mixer Tornado Cash

What is Tornado Cash? A virtual cryptocurrency mixer on the Ethereum blockchain, Tornado Cash was officially sanctioned by the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) on August 8th, 2022. The platform works to facilitate [...]

OFAC Sanctions Cryptocurrency Mixer Tornado Cash2022-09-09T18:43:16-07:00

Legal quicksand: Shrink-wrap and click-wrap agreements – Part 2

Typical Shrink-Wrap Terms and Conditions While the type of terms and conditions found in shrink-wrap agreements vary greatly from vendor to vendor, there are a number of common themes. In general, shrink-wrap agreements include the following potentially problematic terms: [...]

Legal quicksand: Shrink-wrap and click-wrap agreements – Part 22020-05-18T14:47:38-07:00

Legal quicksand: Shrink-wrap and click-wrap agreements – Part 1

Shrink-wrap and click-wrap agreements are the fine print you see, among other things, when you click through terms and conditions in accessing an online service (e.g., in connection with a cloud computing service) or as part of the installation [...]

Legal quicksand: Shrink-wrap and click-wrap agreements – Part 12020-05-18T14:54:06-07:00

Alvaka’s Kevin McDonald Writes for CAPG on 15 Ways to Safeguard PHI

Alvaka Networks COO/CISO Kevin McDonald is a featured author in this month’s CAPG Health magazine.  He writes about the obligations under HIPAA and HITECH to protect health information and how failure to do so can cost $359 per record breached.  [...]

Alvaka’s Kevin McDonald Writes for CAPG on 15 Ways to Safeguard PHI2023-08-11T01:39:19-07:00

HIPAA business associate agreement consultations could be unlawful

Here is a controversial article written recently by Kevin McDonald for TechTarget. ------------------------------------------------------------------------------------------------------------------------------------- Under federal law, the Health Information Portability and Accountability Act (HIPAA) Privacy Rule extends to a class of business entities (i.e., health plans, health care clearinghouses and [...]

HIPAA business associate agreement consultations could be unlawful2020-04-29T22:44:01-07:00

Some Good Questions and Answers on Backup and Disaster Recovery

1. Where should small businesses start with disaster recovery, whether or not they already have a DR plan in place? What is the first question the small business owner needs to ask?

I recommend starting with determining RTO and RPO.  If the small business owner starts here he or she will be off to a good start with the DR plan.  What are RTO and RPO?

         RTO – Recovery Time Objective, the time between the disaster and when the system has been made operational again.  Why is this important?  Different businesses have different costs associated with

Some Good Questions and Answers on Backup and Disaster Recovery2014-04-29T23:01:20-07:00

Opportunities abound for providing HIPAA compliance services

As many security solution providers struggle to find compliance opportunities, there is a great opportunity in supporting compliance with the Health Insurance Portability and Accountability Act (HIPAA).Even though the comprehensive laws intended to protect patient and health care data are [...]

Opportunities abound for providing HIPAA compliance services2014-04-11T17:48:00-07:00

HIPAA security checklist: 10 services your customers need

Recent changes to HIPAA and HITECH opened up significant new opportunities for security solution providers who can shoulder the risks and get themselves educated on these regulations. As this HIPAA security checklist of services, below, shows, there are 10 specific [...]

HIPAA security checklist: 10 services your customers need2020-04-29T22:42:23-07:00

Exploring the risky business of cyber insurance and IT services contracts

In my time as a security consultant and managed services provider, I've seen some questionable behavior and attitudes. Prime among them is the common belief in the business community that indemnity offered by cyber insurance and contracts replaces prudent actions [...]

Exploring the risky business of cyber insurance and IT services contracts2020-04-29T22:43:11-07:00