Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

HIPAA and Social Media: What You Need to Know

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) was signed into law before the rollout of major social media sites such as Facebook, Twitter, and Instagram. And as such, there are no specific HIPAA rules for social media. However, some HIPAA laws and standards apply to the use of social media by health care organizations and their workers. Because of that, each health care organization must implement a HIPAA social media policy to decrease the risk of HIPAA violations.

Key Takeaways from the CCPA Audit Webinar with Dr. Maxine Henry

Dr. Maxine Henry, one of Reciprocity’s renowned GRC experts, led a webinar on the California Consumer Protection Act (CCPA). This sweeping legislation creates data privacy rights for covered consumers—which means it also imposes obligations on businesses to safeguard personal information. Before implementation on January 1, 2020, Dr. Henry discusses how to prepare.

The Differences Between SOX 302 and 404 Requirements

The Sarbanes-Oxley Act of 2002 (SOX) is a law that implements regulations on publicly traded companies and accounting firms. SOX was created to improve the accuracy and reliability of corporate disclosures in financial statements and to protect investors from fraudulent accounting practices.

How to Map PCI DSS to the NIST Cybersecurity Framework

Organizations face an increasing number of compliance metrics. Risk management is of paramount importance and is feeding the need for governance. Terms like PCI DSS and NIST CSF are two frameworks that help enhance data security and manage risk. Often, it is the confusion on where businesses need to start that prevents them from taking action at all.

California Confidentiality of Medical Information Act vs. HIPAA

Patient health information is governed by robust rules that determine how this data is handled, stored, and accessed. Federal laws, such as the Health Insurance Portability and Accountability Act (HIPAA) and various state laws strengthen patient rights. HIPAA set a baseline for regulatory compliance with patient health information. Under the “preemption” language in the rule, no state may create less effective or weaker medical privacy protection for individuals.

NIST CSF Categories and Framework Tiers

NIST CSF stands for the National Institute of Standards and Technology Cybersecurity Framework. The NIST CSF consists of best practices, standards, and guidelines to manage cybersecurity program risk. This voluntary framework is divided into three primary parts: the framework core, profiles, and tiers. The NIST CSF core comprises five functions, where each function are further broken down into categories and subcategories. There are currently 23 categories and 108 subcategories in the NIST CSF.

How to Maintain ISO 9001 Certification

It’s not easy for an organization to implement the International Organization for Standardization (ISO) 9001 and obtain an ISO certification for the standard. But just because you’ve achieved ISO 9001:2015 (the latest version) certification, doesn’t mean your work is done. That’s because your company has to be continually audited to ensure it still meets the requirements of the ISO 9001 standard.

ISO 9001 Quality Management Principles

ISO 9001 is the international standard for quality management systems (QMS), published by the International Organization for Standardization (ISO). ISO standards are the most widely used quality management standards worldwide. Increasingly, your customers are looking for a guarantee that the products they’re buying from you have gone through quality management best practices. Adopting the ISO 9001 standard is one step toward offering that guarantee.

Featured Post

What To Know About User Behavior Analysis

Over the last few years, significant strides have been made in artificial intelligence (AI). Businesses, both big and small, are finally finding value in the data at their disposal. Big data is no longer a buzzword but a critical tool used by both governments and businesses in many. User Behavior Analysis (UBA) is one of the practical implementations of big data today, coupled with deep learning algorithms. UBA is used to make sense of every day user activity in any setting to predict patterns and help in decision making.