View Post

How To: Crisis Communication During Disaster Recovery

In Security by Carolina Curby-LucierLeave a Comment

Today’s businesses are tech savvy enough to understand the importance of having a disaster recovery (DR) strategy as a part of their business continuity planning (BCP) process. It’s no longer a nice option to have—it’s a necessity. Could your business survive a disaster without the critical hardware and software, data, and systems it relies on to operate? For all organizations, …

View Post

Make Shadow IT a Part of Your Digital Transformation Strategy

In Security by Daniel NewmanLeave a Comment

Shadow IT defines any technical concerns that fall outside the realm of your organization’s standard technologies, such as software and devices. It is often implemented without company approval or subsequent control—but that doesn’t mean you should look the other way. Despite the concerns we’ve seen countless times over the past few years, shadow IT is becoming a bigger part of …

View Post

Cyber Incident Reporting Guidelines: What You Need to Know

In Security by Natalie ValentLeave a Comment

Last summer, the White House took a significant step toward defining and coordinating a national response to the growing number of cyberattacks on government, businesses, and consumers—and it couldn’t have come at a better time. Last July, the Obama Administration released Presidential Policy Directive-41 on U.S. Cyber Incident Coordination Policy, which outlines how the government responds to significant cyber incidents. …

View Post

HIPAA and Encryption: The Best Practices

In Security by Toby OwenLeave a Comment

The number of data breaches in the healthcare industry is growing exponentially—and the breaches are becoming more severe. This phenomenon can be attributed to the increased black-market resale value for stolen medical records and personal health information (PHI), as well as the sophistication of cybercriminals. As a result of these risks—and of all the HIPAA penalties, legal costs, reputational damage, …

View Post

How Shadow IT Can Threaten Compliance

In Security by Carolina Curby-LucierLeave a Comment

In an effort to be more productive and connected, employees are taking it upon themselves to seek technology solutions that fit their workplace needs, and as a result, are inadvertently creating serious challenges for their IT teams. The number of employees bringing personal mobile devices into the workplace and using them as business devices has exploded; the number of people …

View Post

What All Healthcare Companies Need to Know About HIPAA Compliance

In Security by Bobby BoughtonLeave a Comment

Safeguarding protected health information is becoming more challenging every day—especially for companies operating in healthcare verticals who don’t always understand that compliance issues apply to them. Yet, under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule, companies operating in a variety of healthcare verticals are categorized collectively as “Business Associates” (BAs) and, as such, are required …

View Post

Virtualization Security: The Line of Defense Your Cloud Needs

In Security by Daniel NewmanLeave a Comment

It used to be that companies used Clouds merely to back up their physical systems. Now, as many businesses are increasingly adopting Clouds and virtual machines (VMs) as an alternative to their physical infrastructure, the question remains: How to keep their virtual data, software, and systems secure? Just as technology is changing how and where we work, it is also …

View Post

Seven Common E-Commerce PCI Compliance Myths Explained

In Security by Bobby BoughtonLeave a Comment

There are so many e-Commerce PCI Myths floating around that it’s easy to find the subject confusing. Here’s the reality: If your business accepts credit cards, your transactions must comply with the Payment Card Industry Data Security Standard (PCI DSS) – a set of standards that applies to any company that accepts, processes, stores or transmits credit card data. Whether …

View Post

Why Backup is Not Disaster Recovery

In Security by Kirk WrightLeave a Comment

We often read the phrase “Backup and Disaster Recovery” as if the two things were inexorably linked. In a way, they are. But backup is not disaster recovery. And, while you can’t have disaster recovery (DR) without having backups—you can back up your data without having a DR plan in place. Although it might seem cheaper and easier, it’s is …

View Post

HIPAA Security and Awareness Training: An Integral Part of the Compliance Strategy

In Security by Kirk WrightLeave a Comment

When it comes to implementing a robust security protocol, employee training is one of the most critical—and often overlooked—aspects of a solid plan. Security and awareness training is also an integral part of HIPAA compliance.  But, according to a recent HealthITSecurity.com review of NueMD’s 2016 HIPAA Survey Update: “Healthcare organizations are also falling behind on annual HIPAA training. Currently, 58 …