|Articles on Privacy and Security Laws and Regulations
Effective Practices for HIPAA and HITECH Compliance Measurements
In this article Mahmood Sher-Jan and I discuss how to employ effective metrics to comply with health care regulations.
Collaboration: The Key To The Privacy and Security Balancing Act
This paper, published by Oxford University Press, discusses the need for privacy and security programs to collaborate.
Business Associate Security And Privacy Programs: HIPAA and HITECH
After performing many BA security and privacy program reviews, I identified 10 common indicators of serious problems with BA information
security and privacy programs. Does your company have any of these problems?
U.S. Breach Notice Laws
This document contains a list of U.S. breach notification laws and the date in which they go into effect.
The list was updated on April 15, 2010
Keeping Up With The Breach Notice Laws
There are four common misconceptions about breach notice laws. Do you know what they are?
HIPAA Felony Convictions and Upcoming Trends
See the trends of non-compliance to HIPAA, especially in a weak economy.
You Will Be Judged By The Company You Keep
To help you justify business partner reviews, this article cites specific laws and contractual requirements that
mandate such reviews.
USA Patriot Act
This article discusses the ramifications of the USA Patriot Act and advice on determining the affects on your
Does COPPA Apply to Your Business?
This article discusses the act and highlights some of the act's requirements. For example, did you consider
that children should be able to understand the required Privacy Notice?
Does CA Law SB 168 Apply to Your Business?
This article gives advice on complying with the California state law that helps reduce identity theft. Remember,
the law could affect an organization that has a customer in that state.
Records Retention and Security Regulations...Think about It!
This article covers record retention that is required by many regulations.
It's Not The Size That Counts
This article discusses concerns and myths of security and privacy regulatory compliance of small and medium sized business. Links
to tools to help these businesses protect their information resources are provided.
Is your organization prepared for e-discovery? Odds are it is not. Read an introduction to e-Discovery requirements and how to comply
with the rules.