On November 1st the data breach reporting requirements under Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) went into effect. US companies should be aware of these requirements and evaluate their operations to determine the applicability as well as what adjustment may be required to… Continue Reading
To give a little background, in March of this year, an exposé published in the Guardian and New York Times revealed that the personal data of 87 million Facebook users, 1 million of which were UK Facebook users, was harvested from their profiles through personality quizzes… Continue Reading
Social Engineering is a low-tech method used for gaining access to resources whether they are physical, technical, monetary, or informational (e.g. trade secrets, confidential). Phishing is one example of Social Engineering What is Social Engineering? Social Engineering is the art and science of getting people… Continue Reading
As a Certified HITRUST Assessor and career healthcare compliance and security specialist, I was very pleased to see OCR’s April Cybersecurity newsletter highlighting the differentiation between a HIPAA RISK Analysis and a HIPAA GAP Analysis. The confusion or lack of true understanding around the difference in these two… Continue Reading
As the GDPR enforcement date is upon us, many companies are shifting into panic mode trying to really understand not only what the GDPR means to their company operationally, but also where their true risk lies. How do they evaluate that risk? How do they… Continue Reading
How does the GDPR compare to IKEA? Well they’re both European for starters, and while IKEA is #trendy, GDPR is #trending. With the work I’ve done with clients utilizing our consulting services for GDPR support (which is primarily serving as liaison between the client and… Continue Reading
“It was the best of times it was the…” No really – it was great! What an exciting opportunity we had at CompliancePoint last week as we hosted our workshop in Atlanta, “Navigating the GDPR.” As described at the event our goal was more interactive… Continue Reading
HITRUST addresses challenges within Healthcare As the most widely adopted framework within the healthcare industry, the Health Information Trust Alliance (HITRUST) was created to provide a certifiable standard for health information systems and exchanges that create, access, process, store or exchange protected health information… Continue Reading
HITRUST certification can support compliance with many other healthcare related regulations. Currently there are many regulatory obligations placed on healthcare security and privacy officers. The need to comply with a multitude of standards, laws, and regulations can be daunting. There are synergies and overlaps,… Continue Reading
How adhering to PCI-DSS principles could have prevented a data breach The series of breaches recently publicly disclosed by Equifax could have been prevented by following PCI DSS guidelines. PCI DSS is an internationally accepted standard of controls which, when applied at the most basic levels,… Continue Reading
Copyright © 2018 CompliancePoint, Inc. All Rights Reserved | Privacy Statements | 
Subscribe to RSS Feed
Follow us on YouTube
Follow Customer Engagement on Twitter
Follow us on LinkedIn
RSS Feed Signup