Blog
Security Awareness Training & Compliance Requirements
By Roger Murray | July 13th, 2017| Governance & IT Compliance
Did you know there are over 8,500 different Local, State, and Federal standards & requirements your organization may be required to comply with? This staggering number can come as a surprise to many. That’s why we’ve taken the time to compile a list of the most common standards which may require your organization to implement … Continued
How To: Guard Against HIPAA Privacy Breach Fines & Violations
By Roger Murray | January 16th, 2017| Governance & IT Compliance
In 2016, the Health Insurance Portability & Accountability Act (HIPAA) collected over 23 Million in Civil Money Penalties (CMPs) related to businesses violating patient data privacy provisions. Over half of the cases involved organizations who failed to even have a proper risk assessment conducted. The cost for violating HIPAA privacy protections continue to grow, which … Continued
Why Your Business Needs a WISP
By Roger Murray | December 29th, 2016| Governance & IT Compliance
Not having a written information security program (WISP) for your business could be putting your data at risk of not only theft, but substantial legal/punitive damages. The laws in Massachusetts enforce strict guidelines to safeguard any personal information of individuals stored on your network. Sadly, many SMBs brush it off as a minimal danger that … Continued
New HIPAA Guidelines on Ransomware Disclosures
By Roger Murray | August 1st, 2016| Governance & IT Compliance
The Department of Health & Human Services for Civil Rights (OCR) has issued guidance on how to manage the increasing frequency of ransomware attacks toward healthcare providers. Ransomware is a malware which encrypts data until a ransom is paid to the hacker, who in return, will hopefully issue the encryption key to unlock the data … Continued
Top 3 VOIP Security Risks
By Roger Murray | July 6th, 2016| Governance & IT Compliance
In today’s day and age we have become familiar and hopefully cautious when receiving strange emails with a random file attached. It’s unlikely that we would give it a second thought before deleting. This is because we recognize the need for cyber security to limit the onslaught of digital threats we receive on a seemingly … Continued
Are you *REALLY* PCI Compliant?
By Roger Murray | June 23rd, 2016| Governance & IT Compliance
If your business processes credit cards or other forms of electronic payment, it is required to meet the standards established by the Payment Card Industry (PCI). That means not only retailers, but any establishment that accepts card payments in their place of business. If you don’t maintain PCI standards for compliance and suffer a data … Continued