Tag: Regulatory compliance

Many organizations need to meet various compliance standards, and investing in a security information and event management (SIEM) solution can often help them reach that goal. But it worth the cost and effort to deploy a SIEM solution solely for compliance? Or is there a way to maximize the value...

File integrity monitoring (FIM) is essential for securing data and meeting compliance regulations. In particular, the Payment Card Industry Data Security Standard (PCI DSS) requires organizations to use FIM to help secure their business systems against card data theft by detecting changes to...

The healthcare industry faces a plethora of serious cybersecurity risks. Indeed, 2021 saw a record number of major health data breaches in the U.S. —  the breach notification portal of the U.S. Department of Health and Human Services lists at least 713 incidents affecting 45.7 million...

The U.S. Department of Health and Human Services (HHS) requires healthcare entities to follow the Health Insurance Portability and Accountability Act of 1996 (HIPAA). This act requires healthcare entities to implement policies and procedures to safeguard the privacy and security of patients'...

The General Data Protection Regulation (GDPR) is designed to protect the personal data of EU residents by regulating how that information is collected, stored, processed and destroyed. The data security and privacy law applies to all organizations that collect the personal data of European Union...

What is the California Privacy Rights Act (CPRA)? The California Privacy Rights Act (CPRA) is an extension of the 2018 California Consumer Privacy Act (CCPA). The goal of both laws is to enhance the privacy rights of California residents with regards to the personal information that companies...

What is SOX compliance? After several large corporate accounting scandals in the early 2000s that led to investors losing billions of dollars, the US government passed the Sarbanes-Oxley Act of 2002. Commonly referred to as SOX, the bill established and expanded financial and auditing requirements...

Following a string of 83 data breaches in 2019 alone, the United States Department of Defense (DoD) established the Cybersecurity Maturity Model Certification (CMMC). The CMMC framework is a unified national standard for improving cybersecurity. Companies in the defense industrial base (DIB) must...

Organizations are recognizing that data security compliance is a foundational element of any successful business. The demand for compliance officers, IT security professionals and data protection officers is growing; spending on compliance programs is increasing; and businesses are treating...

The collection and processing Personal information (PI) enables businesses to customize the customer experience and boost sales. However, certain consumer rights advocacies and privacy regulations strictly limit the collection of PI to ensure that organizations utilize their data in a meaningful...