Tag: compliance

GDPR vs EU-US Privacy Shield

Posted on October 24, 2017 by

The deadline for enforcing GDPR, or General Data Protection Regulation, is only a few months away, and businesses across the US are asking themselves what they need to do to prepare, if anything. What does the new regulation mean for the EU-US Privacy Shield agreement from last year? How does the newest agreement affect companies in the US? We’ll answer a few questions about GDPR and EU-US Privacy Shield. What is GDPR? It’s a new framework for data protection …

According to a recent Gartner report, nearly half of large enterprises will deploy hybrid cloud environments by the end of this year. That level of growth is super exciting for the cloud, as more organizations take advantage of a digital-based strategy. However, despite the maturity of the cloud, many CIOs still express concerns. There are two major challenges organizations face in a hybrid cloud environment (or any environment, really.) One is security, which we’ve covered. The other? Compliance. We talked about …

One of the biggest concerns around hybrid cloud for organizations is data security. According to Gartner, 38 percent of companies who don’t plan to use public cloud cited security and privacy as the main reasons. It’s very logical (and necessary) to ask how the cloud will protect your most valuable asset – your data. What are the biggest security challenges in hybrid cloud adoption? According to experts, the biggest security concerns in a hybrid environment are compliance, lack of encryption, poor …

You’ve decided to outsource your IT needs to a third-party provider. But who should you trust with your critical infrastructure and data? This article will give you some tips on what to look for in a secure hosting partner and provide you with a checklist of what you should expect to find when you take a tour of a potential data center. The data center provider you choose is more than just a building. You’ll be keeping the most valuable …

Introduced in 2011, Service Organization Control (SOC) reports are becoming more and more popular in data security and compliance discussions with every passing year, especially SOC 2. But what is a SOC report? Which one do you need? Why is a SOC 2 report so important? Do you actually need it, or is it something that just looks good on paper? There are three types of SOC reports, but we’ll mainly talk about the second one for now, which is “designed …

There are many aspects of complying with HIPAA regulations, and all are equally important to avoid facing the stiff penalties that come as a result of any violations. In addition to technical and physical safeguards for your PHI, the administrative safeguards of the HIPAA Security Rule require a contingency plan. This is comprised of a data backup plan, disaster recovery plan, emergency mode operation plan, testing and revision procedures as well as application and data criticality analysis. We’ll discuss how …

5 tools to protect patient data

Posted on October 3, 2014 by

As HIPAA regulations increase and cybersecurity threats advance, the healthcare industry’s effort to protect patient data gets more complex. Online Tech recently contributed to a story posted on BlogHIPAA.com that covers five tools to help protect patient information and ease the compliance burden: email encryption, mobile phone BYOD protection, HIPAA-compliant storage, HIPAA-compliant hosting, and a compliance tracking solution. BlogHIPAA spoke with representatives from industry-leading organizations in each of these areas, each of them focused on compliance. They each provided insight into why …

It amazes me how plentiful and important data has become to our lives. In the early 1990s, I co-founded a company that built a software product called WARE that tracked and analyzed workplace injury and illness information. WARE included critical data analytics to help with loss control, automated reporting required by Department of Labor regulations, electronic claim submission to the insurance carrier and automating many of the critical decisions required to properly report and track a case. The automated OSHA …

Note: The following article is part of a shared content agreement between Online Tech and InfoSec Institute. This article, written by cyber-threat analyst Aaron Bossert, illustrates perfectly the difference between check-box compliance and compliance as part of your culture. While many of the examples below relate to NIST standards, they can easily correlate to PCI, HIPAA or other compliance frameworks. (View original post.) “What’s in a name? that which we call a rose. By any other name would smell as …

Our online guides to information security (infosec) and compliance are scattered across our website and blog, but here’s a roundup of our best and most relevant resources that relate to this year’s Detroit SecureWorld security and compliance sessions, tomorrow and Thursday. Online Tech’s Senior Product Architect Steve Aiello will be speaking on a panel discussion tomorrow, October 16, about network security:

Industry Expert Panel: Network Security
Room: Suite 3
Time: 1:15pm – 2:15pm
Description: Network Security is defined as, “the …
