How can your Third Party Vendor help or hurt your SOC 2 status?

Are you tracking the moving target of your third party vendors’ privacy and security practices? You may want to get ...
Read More

How to Harden Laptops, Tablets & Smartphones to Protect PHI

When your goal is to protect PHI on laptops and mobile devices, keep in mind that information security is only ...
Read More

5 Ways You Can Reduce Phishing Risk

Malware attacks via phishing knocked it out of the park in 2018. Phishing attacks account for an inordinate number of ...
Read More

Data Privacy & Security: 2018 Reflections & the Year Ahead

It’s been a tumultuous 2018 for data privacy and information security. New regulations here and abroad show that data privacy ...
Read More

Word of Warning: join.me Does Not Sign Business Associate Agreements

A few days ago, after making multiple attempts on behalf of a client to verify and clarify how join.me supports ...
Read More

Policy Controls: Why The Whole World Wants You to Write Policies

As a follow-up to Chris’s 2018 Privacy & Security Forum update, I’ll focus on policy controls, because the entire world ...
Read More

Privacy & Security Forum Update: OCR Activity, Audit Protocols, Ransomware & the HIPAA Security Rule

Julia and I had the pleasure of attending the 2018 Privacy & Security Forum a couple of weeks ago.  One ...
Read More

Communication Disconnect: Sales Promises & the Information Security Audit

Has this happened to your company? The sales team has a hot prospect who wants them to conduct an information ...
Read More

You’re a US company & subject to the GDPR. Now what?

What happens now that US Organizations who thought they were off the GDPR hook, are so on it. The onset ...
Read More

Privacy and Security Training: Less hype, less myth, more HIPAA realities.

I’m often taken aback by some of the marketing material I receive from privacy and security training vendors.  This is ...
Read More

Recent Posts

Archives