States Enact Even Tougher Breach Notification Laws than Federal HIPAA Requirements

Starting September 1, 2018, Colorado’s new Protections For Consumers Data Privacy law will require organizations to notify victims of breaches containing personal information within 30 days of determining that a breach occurred — 30 days before current federal HIPAA requirements. Like other state laws, Colorado’s newest approved bill signals to healthcare organizations that you can […]

Securing Health Care Records

Insider negligence is no longer the number one cause of data breaches in the healthcare industry—cybertheft and physical theft have now claimed the dubious honor. The Ponemon Institute’s Fifth Annual Benchmark Study on Privacy and Security of Healthcare Data shows that healthcare information has become a prime target for malicious hackers, with lone cybercriminals and […]

Data Security Lessons To Learn Right Now

Data Security Lessons To Learn Right Now Much has been said about the recent Ashley Madison (AM) hack attack, and even more was said about the subsequent data dump of highly sensitive customer information. Are there lessons to be learned from AM? To some extent—the consequences would have been worse had card data not been […]

PCI DSS 3.0: Are You In Compliance Yet?

The new Payment Card Industry Data Security Standard 3.0 (PCI DSS 3.0) that went into effect on January 1 contains significant changes.  Some of the requirements will remain suggested best practices until July 1, 2015. After that, they too become mandatory. PCI 3.0 will have the greatest impact on e-commerce merchants who partner with third […]

Has Sloppy Security Slipped Into Your Network Ecosystem?

Much has been said about Sony, and much remains to be said. But the bottom line is that Sony was a cyber attack that was simply waiting to happen. This is a company that has been repeatedly hit by malicious hackers who, angered by Sony’s approach to Digital Rights Management, were determined to wreck havoc […]

Get Ready Now for 2015 HIPAA Audits

A random audit program to gauge HIPAA compliance is expected to commence in early 2015. This round will include both on-site and off-site reviews. Your New Year will be happier if you start getting audit-ready now. We have provided you with tips below to make the process easier. Off-Site Audits Off-site audits focus on documentation […]

Protecting Your Intellectual Property – Tips from Real World Audits

Introduction In the course of any given year BAI Security performs hundreds of IT Security Audits for truly security-conscious organizations in highly regulated industries.  Our specialization includes in-depth IT Security Audit and Forensic services primarily to the Banking and Finance, Pharmaceutical, Healthcare, and Insurance sectors. In an effort to bring awareness to growing trends related […]