The General Data Protection Regulation (GDPR) is a regulation requiring businesses to protect the personal data and privacy of European Union (EU) citizens for transactions that occur within EU member states. Every company conducting business within the EU will need to comply to these strict new rules by May 25th which will likely cause concerns and heightened expectations for security teams due to the broad, yet stringent nature of the GDPR requirements.
The Payment Card Industry Security Standards Council (PCI SSC) has published a new version of the industry standard that businesses use to safeguard payment data before, during, and after purchase. PCI Data Security Standard (PCI DSS) version 3.2 replaces previous versions in addressing the growing threats to customer payment information.
Did you know there are over 8,500 different Local, State, and Federal standards & requirements your organization may be required to comply with? This staggering number can come as a surprise to many. That’s why we’ve taken the time to compile a list of the most common standards which may require your organization to implement … Continued
In 2016, the Health Insurance Portability & Accountability Act (HIPAA) collected over 23 Million in Civil Money Penalties (CMPs) related to businesses violating patient data privacy provisions. Over half of the cases involved organizations who failed to even have a proper risk assessment conducted. The cost for violating HIPAA privacy protections continue to grow, which … Continued