States Step Up, Above and Beyond, Compliance

Earlier this month, a blog post from our very own Garry McCracken discussed how meeting industry-specific compliance regulations can interrupt a company’s security strategy.

“Compliance does not necessarily mean data security, but a focus on security in terms of risk, confidentiality, integrity and availability is likely to cover a lot of compliance. A security-led approach is better than a “check list” compliance approach. This applies not only to the payment card industry but to all sectors including government, health, education, etc.” –Garry McCracken, CISSP, Vice President, Technology.

An interesting ongoing trend in the healthcare sector is state legislatures taking security standards into their own hands following devastating breaches. Earlier this year, New Jersey passed a bill requiring health insurance companies in the state to use data encryption, following the theft of two unencrypted laptops that caused the Blue Horizon, Blue Cross, Blue Shield breach in 2014. After the recent attack on the locally based Anthem, Connecticut aims to follow suit.

While we hope that it won’t take a major breach in every state to push this initiative nationwide, it is certainly reassuring to see state governments recognize that compliance standards like HIPAA are outdated. Earlier this week, the U.S. Office for Civil Rights announced that healthcare providers must undergo an in-depth HIPAA compliance standards audit; unfortunately, any approvals for the proposed changes will take even longer than it does to pass a bill through a state government!

If your state hasn’t hopped on board yet, it is worth looking into the laws that exist in Nevada, Massachusetts and New Jersey that exceed compliance with specific attention to encryption. For more information on security best practices for healthcare companies, check out the WinMagic eBook, “Healthcare Providers and Patient Data Security.”

 
