Compliance


19 Jun 2018

HITRUST Introduction: Getting Started

Sword & Shield offers this HITRUST introduction to take some of the mystery out of this comprehensive compliance tool and to explain what you need to know in order to get started with HITRUST compliance. Let’s start with the basics: What is HITRUST? The Health Information Trust Alliance (HITRUST) is a United States company that has partnered with leaders in the healthcare, technology, and information security...



05 Jun 2018

Ensuring GDPR Compliance for Your Enterprise

The European Union’s General Data Protection Regulation (GDPR) went into effect on May 25. If your company does business internationally, its electronic privacy processes and procedures must comply with GDPR requirements. This article discusses the new framework and ensuring GDPR compliance within your organization. What is the GDPR? The GDPR is concerned with data privacy and contains a number of new requirements for businesses. Failure...



09 May 2018

Complying with HIPAA encryption standards; what you need to know

By Jeremy Watson

Have you encrypted your electronic protected health information (ePHI) data at rest (being stored in persistent storage) and in transit (flowing from one point to another, whether it be over the internet or a private network)? If so, you’re compliant with the HIPAA encryption standard and, therefore, covered by the Safe Harbor Rule in case of a breach. This means you’re...



03 Apr 2018

Cybersecurity Spring Cleaning: Critical Data Scans

By Bowe Hoy

Protecting your organization’s critical data requires knowing where it is. Have you ever lost something in your house despite spending hours looking “everywhere” for it? Or stumbled upon a cache of items you forgot you had? This probably motivated you to do some major cleaning: sorting, organizing and disposing of stuff to know where the important items are located and easily get...



16 Aug 2017

How to Write an Effective Business Continuity Plan

By Teddy Ansink

An effective business continuity plan (BCP) is proactive and aims to avoid and mitigate risks associated with a disruption of operations, including ensuring personnel and assets are protected and able to function in the event of a disaster. Due to the importance of this goal, the development of a BCP requires strategic thinking through the recognition of threats and risks facing a...



08 Aug 2017

PCI DSS Changes to Be Enforced in 2018: Are you ready?

By Jack Dempsey

The Payment Card Industry Data Security Standard (PCI DSS) is a security standard for merchants and service providers that process, store or transmit credit card information. Forward-dated PCI DSS changes in Version 3.2 of the DSS requiring increased network security will be enforced in 2018. Are you ready? The most important change to the standards will be enforced beginning July 1,...



08 Sep 2016

Introducing a New Comprehensive HITRUST Solution

Nearly 90 percent of all healthcare organizations have suffered at least one data breach in the past two years with an average cost of $2.2 million per attack. Even just an allegation of a breach can result in an investigation of your organization by the U.S. Department of Health and Human Services’ Office for Civil Rights. But, for most, it is virtually impossible to claim...



28 Jul 2016

Compliance is not a Blueprint for Building a Security Program

For some security experts, the definition of compliance has become so skewed that it can mean just about anything to just about anyone, depending on their circumstances. Data security analysts continue to hear clients tout that they are “compliant, so that must mean we are secure,” without knowing that the more appropriate route to take is to begin with security as the framework for your...



20 Jul 2016

PCI Compliance Should Start with Security

While it’s true the Payment Card Industry Data Security Standard (PCI DSS) has helped curtail credit card fraud by requiring merchants to comply with its regulations, many merchants still don’t understand that merely meeting compliance goals does not mean their data is secure. Many security and compliance experts now argue that PCI standards have become little more than a check-box activity leaving the retailer with...



14 Jul 2016

You Can Be Both Compliant and Secure

It’s no big secret that some of the big-name companies whose customer data was breached had met compliance standards prior to the intrusions. That’s because being compliant can sometimes lead companies into believing they’re also secure. The data security experts at Sword & Shield recommend that organizations use their industry compliance regulations as a security starting point – a prescriptive direction – but warn it...



