GDPR Fundamentals: Data Security Requirements

by Mark Hinely / October 11, 2023

 Appropriate Data Security Controls While GDPR is primarily a data privacy law, it also includes elements of data security. But of course, GDPR is ambiguous so it’s not very prescriptive when it comes to data security requirements for processing personal data. The law requires each organization to evaluate its own data security based on risk, processing activities, and its organizational structure. By putting this in the hands of the…

How Mobile Devices Impact Protected Health Information

by Sarah Harvey / June 14, 2023

The use of mobile devices has absolutely transformed healthcare. Have you ever checked into a walk-in clinic on a tablet? Has a doctor shown you X-rays through a digital screen, rather than on film? Have you paid a medical bill through an app? Mobile devices are altering patient care. The need for mobility in healthcare settings is pervasive and the security threats that mobile devices pose are only going to…

How to Lead a Cybersecurity Initiative

by Sarah Harvey / June 14, 2023

Are you a CISO, CCO, ISO, or member of the IT department that’s building and leading a cybersecurity strategy? Don’t know where to start? The foundation of a cybersecurity strategy should be built on basic principles of security – patch management, risk assessment, network monitoring, vulnerability management. From there, you must cultivate awareness of the evolving threat landscape, observe regulatory responses, continue to train and invest in your team, and…

GDPR Fundamentals: Data Protection Officers

by Mark Hinely / April 5, 2023

 Most organizations who are required to comply with GDPR will have a Data Protection Officer (DPO). The requirement to have a DPO applies if you are a public authority, if your regular activities require large-scale and systematic monitoring, or if your core activities consist of large-scale processing of special categories of data. Qualifications of a Data Protection Officer When hiring a DPO, GDPR specifies that the individual must have…

Business Continuity and Disaster Recovery: How to Avoid a Crash Landing

by Randy Bartels / June 14, 2023

I Piloted an Emergency Landing, and So Can You It can be easy to put business continuity and disaster recovery planning on the back burner if your organization has never been affected by a disaster. But what would happen if a power outage, tornado, or data breach hit your organization and you didn’t have any plan in place? Disaster strikes when you’re least expecting it. It’s critical that you ensure…