What can you do to minimize risk? For companies that are regularly involved in litigation, in-house counsel and compliance personnel can reduce uncertainty by understanding their information systems and staying on top of technological changes.
Putting Your PII and PHI In The Cloud: Is it Secure Enough?
May 17, 2012
The use of cloud-based computing and data storage is continuing to grow. There are compelling reasons for this, but with all the advantages, it’s easy to overlook a question that still needs to be asked – and answered. Is the cloud secure enough for my sensitive data?
Beware Of These 4 Myths of IT Data Security
April 17, 2012
While we reap the benefits of information technology in all aspects of our daily lives, we seldom comprehend what’s going on in the background or consider the potentially costly risks it ushers into our organizations. Effective enterprise risk management requires knowing and evaluating exposures throughout your systems, including your cyber and data breach risks. The [...]
Hiding In Plain Sight: Physical Security’s Role in Corporate Compliance
April 16, 2012
With so much talk of cyber crime, hacktivism, cyber terrorism, massive data breaches through the Internet and other high-tech incidents, it’s easy to forget that to be successful, a compliance program shouldn’t be defined by what is covered in the mainstream media. Yes, criminals have added powerful, high-tech ways of stealing money and data to [...]
Tone at the Top: Rest Assured
March 20, 2012
Serving on an audit committee is one of the most challenging, prestigious and fulfilling roles a business professional can play. It provides the opportunity to give back by sharing knowledge gained and lessons learned firsthand. And yet, the job’s inherent responsibilities can result in a very serious case of sleep deprivation. The results of the [...]
Behind the Standards: Clarifying SAS 70’s Confusing Departure
March 16, 2012
The demise of SAS 70 audits raises questions, confusion and a dose of drama. To gain clarity on the auditing standard’s replacement and its alternatives, it helps for service providers and their customers to understand what went on behind the scenes that caused in this change
Fraud Flashpoints: How Functional Are Your Case Management And Event Notification Systems?
February 27, 2012
Incident and event notification systems foster real time communication among key business stakeholders when an incident or event occurs. Aside from the primary purpose surrounding event notification, these systems also address a company’s compliance, regulatory or contractual obligations concerning event notification, data (breach) protection, ethics violations, investigations and information protection. Secondarily to the event notification [...]
3 Ways Increased Vigilance on Data Security Can Backfire
February 22, 2012
More often than not, we find that the weakest links in the data chain are at the intersection between technology and manual process flow. An all-too-common scenario occurs when a company collects confidential information on its vendors, agents and other third parties through a hybrid manual/technological approach.
In an effort to help reduce that risk, we’ve gone through our case files to identify the top three most common sources of data compromise. Below, we address these three issues and offer advice on the best approach to avoiding them.
How To Reduce HIPAA and HITECH Compliance Risks
February 17, 2012
Jo-Ellyn Sakowitz Klein, senior counsel at Akin Gump Strauss Hauer & Feld LLP, provides five steps entities can take to reduce HIPAA and HITECH risks. She also reviews five common compliance pitfalls to avoid.
3 New Year’s Resolutions for Hospital Compliance
February 16, 2012
The turn of the year is an occasion not only for reflecting on the past, but also for considering the future. For hospitals and their compliance professionals, it is a good time to take stock of regulatory vulnerabilities, determine which ones should receive priority attention, and resolve to address these concerns in the coming year. Adhering to the following three resolutions may help make 2012 a happy and healthy New Year for many hospitals.
