HIPAA business associate agreement consultations could be unlawful

Here is a controversial article written recently by Kevin McDonald for TechTarget.

Under federal law, the Health Information Portability and Accountability Act (HIPAA) Privacy Rule extends to a class of business entities (i.e., health plans, health care clearinghouses and [...]

June 30th, 2014

Some Good Questions and Answers on Backup and Disaster Recovery

1. Where should small businesses start with disaster recovery, whether or not they already have a DR plan in place? What is the first question the small business owner needs to ask?

I recommend starting with determining RTO and RPO. If the small business owner starts here, he or she will be off to a good start with the DR plan. What are RTO and RPO?

RTO – Recovery Time Objective, the time between the disaster and when the system has been made operational again. Why is this important? Different businesses have different costs associated with

April 29th, 2014

Opportunities abound for providing HIPAA compliance services

As many security solution providers struggle to find compliance opportunities, there is a great opportunity in supporting compliance with the Health Insurance Portability and Accountability Act (HIPAA). Even though the comprehensive laws intended to protect patient and health care data are [...]

April 11th, 2014

HIPAA security checklist: 10 services your customers need

Recent changes to HIPAA and HITECH opened up significant new opportunities for security solution providers who can shoulder the risks and get themselves educated on these regulations. As this HIPAA security checklist of services, below, shows, there are 10 specific [...]

April 9th, 2014

Who has a Legal Obligation to Upgrade Windows XP, Office 2003 and Exchange 2003?

The best source of information covering this requirement comes from NIST, the National Institute of Standards and Technology. They have a set of documents that are the standards for many requirements. There is nothing specific in the NIST guidelines about the end of life for Windows XP; however, the need to provide Flaw Remediation is clear, and that is what the XP, Office 2003 and Exchange 2003 support requirements fall under.

For example, NIST Special Publication (SP) 800-53 requires the SI-2 (Flaw Remediation) security control, which includes installing...

March 25th, 2014

Ransomware Gangs Are Now Stealing Passwords

A few months back I wrote a blog called "Don’t Get Caught by a Ransomware Gang." The blog warned that ransomware gangs are loading malware onto computers. Back then the threat was in the form of unwanted encryption of your [...]

May 20th, 2013

Is China Attacking Your Business?

Last week President Obama issued another executive order regarding cyber security. He followed up in his State of the Union speech by talking about foreign actors trying to sabotage our critical national infrastructure and private companies. The use of executive [...]

February 20th, 2013

Obama Admin Releases Massive New HIPAA Rules

So, as if healthcare practitioners didn’t already have enough to focus on with Obamacare, HITECH and the flu epidemic, the Obama administration, through the Department of Health and Human Services, has released a massive pile of new regulations in a [...]

January 18th, 2013