States Step Up, Above and Beyond, Compliance

Earlier this month, a blog post from our very own Garry McCracken discussed how meeting industry-specific compliance regulations can interrupt a company’s security strategy.

“Compliance does not necessarily mean data security, but a focus on security in terms of risk, confidentiality, integrity and availability is likely to cover a lot of compliance. A security-led approach is better than a “check list” compliance approach. This applies not only to the payment card industry but to all sectors including government, health, education, etc.” –Garry McCracken, CISSP, Vice President, Technology.

An interesting ongoing trend in the healthcare sector is state legislatures taking security standards into their own hands following devastating breaches. Earlier this year, New Jersey passed a bill requiring health insurance companies in the state to use data encryption, following the theft of two unencrypted laptops that caused the Blue Horizon, Blue Cross, Blue Shield breach in 2014. After the recent attack on the locally based Anthem, Connecticut aims to follow suit.

While we hope that it won’t take a major breach in every state to push this initiative nationwide, it is certainly reassuring to see state governments recognize that compliance standards like HIPAA are outdated. Earlier this week, the U.S. Office for Civil Rights announced that healthcare providers must undergo an in-depth HIPAA compliance standards audit; unfortunately, any approvals for the proposed changes will take even longer than it does to pass a bill through a state government!

If your state hasn’t hopped on board yet, it is worth looking into the laws that exist in Nevada, Massachusetts and New Jersey that exceed compliance with specific attention to encryption. For more information on security best practices for healthcare companies, check out the WinMagic eBook, “Healthcare Providers and Patient Data Security.”

 
