Tag: IT compliance

Data classification is essential for achieving, maintaining and proving compliance with a wide range of regulations and standards. For example, PCI DSS, HIPAA, SOX and GDPR all have different purposes and requirements, but data classification is necessary for compliance with all of them — after...

File integrity monitoring (FIM) is essential for securing data and meeting compliance regulations. In particular, the Payment Card Industry Data Security Standard (PCI DSS) requires organizations to use FIM to help secure their business systems against card data theft by detecting changes to...

The General Data Protection Regulation (GDPR) is designed to protect the personal data of EU residents by regulating how that information is collected, stored, processed and destroyed. The data security and privacy law applies to all organizations that collect the personal data of European Union...

The Health Insurance Portability and Accountability Act (HIPAA) is a U.S. law designed to protect individual privacy by establishing national standards for maintaining sensitive patient health information and medical records. HIPAA compliance rules incorporate requirements from several other...

Making sure your environment is compliant with regulatory requirements can be a challenge. No matter your company’s size or industry, ensuring you have the required security controls is never a set-it-and-forget-it process. With your IT environment, your user base and the threat landscape...

Cloud computing provides undeniable benefits for storing and accessing electronic health records. Files stored in the cloud are accessible anytime and anywhere from any device, which makes it easy to share critical medical information between healthcare workers. But is cloud storage secure enough...

An IT security audit is a comprehensive examination and assessment of your enterprise’s information security system. Conducting regular audits can help you identify weak spots and vulnerabilities in your IT infrastructure, verify your security controls, ensure regulatory compliance, and...

In May of 2018, the European Union enacted one of the world’s strictest set of rules for personal data protection. The formal name of this legislation is the General Data Protection Regulation, but it is more commonly known as the GDPR. The GDPR regulates personal data, which is defined as any...

Is your organization compliant with the GDPR? Does it need to be? Too many small businesses in the United States don’t know the answer to those questions. It’s understandable, especially considering that the GDPR is a European law. Plenty of US businesses assume that they don’t need to...

The regulatory climate around the world is changing rapidly. Scores of new regulations, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA) and similar laws in other U.S. states, are being enacted in response to growing concerns about privacy and...