New Healthcare Privacy and Security Guide Released
The Office of the National Coordinator for Health Information Technology (ONCHIT) Office of the Chief Privacy Officer (OCPO) recently released a Guide to Privacy and Security of Health Information – an instructional guide designed to help healthcare practitioners, staff, and other professionals better understand the important role privacy and security play in the use of [...]

Vulnerability Management Risk Evaluation
Evaluation flowcharts can help determine risk and associated patching timelines for critical security bulletins. I recently had the opportunity to help a client perform a risk evaluation on Microsoft Security Bulletin MS12-020, related to RDP vulnerabilities that could allow remote code execution without authentication. It was rated Critical by Microsoft. At the time of [...]

Sail the “Cs” with Good Documentation
“When something really matters, you put it in writing,” said the man who likely never had to experience the tedium of writing governance documentation. Nevertheless, the policies and procedures that provide the foundation for an entity’s governance posture certainly merit such importance and due care. But why all the fuss about documentation? After all, procedures [...]