Compliance Software

PCI DSS: No Angel, But Certainly Not the Devil

compliancesoftware — Wed, 11 Nov 2009 14:34:00 PST

We will briefly counter his objections as well as remind everybody that yearning for pre-PCI world is reckless and dangerous, since for many organizations “PCI level” of security is way above their current posture, however unbelievable it may sound to security literati. via PCI DSS: No Angel, But Certainly Not the Devil.

IG: Interior fails to comply with FISMA again – FierceGovernmentIT

compliancesoftware — Mon, 09 Nov 2009 04:50:18 PST

The Department of the Interior has once again failed to comply with the Federal Information Security Act in fiscal 2009, the department’s inspector general said last week. A new IG report blamed a decentralized organization structure, fragmented IT governance processes, lack of oversight, bureau resistance to departmental guidance and use of under-qualified personnel to perform [...]

House Panel Approves Cyber-security Awareness Act

compliancesoftware — Sat, 07 Nov 2009 13:14:09 PST

A U.S. House subcommittee approved Nov. 4 the Cybersecurity Coordination and Awareness Act, legislation that would require NIST (National Institute of Standards and Technology) to develop and implement a plan to ensure coordination within the U.S. government with regard to the development of international cybersecurity technical standards. via House Panel Approves Cyber-security Awareness Act.

Senate Committee Passes Data Breach Laws

compliancesoftware — Sat, 07 Nov 2009 13:13:36 PST

The U.S. Senate Judiciary Committee passes two bills that establish federal guidelines for data breach notifications. Two sweeping bills that would set new standards for data breach notifications made their way out of the Senate Judiciary Committee Nov. 5. The committee voted yes on the Personal Data Privacy and Security Act of 2009 (S.1490) and the Data [...]

Vivek Kundra: Cybersecurity dashboard on its way

compliancesoftware — Sat, 07 Nov 2009 13:10:48 PST

The Cyberscope system, a new tool released by The Office of Management and Budget that allows federal agencies to report FISMA compliance through an authenticated web-based reporting, is a step in that direction. “We’re moving from a manual, reporting-based, compliance-focused approach to a real-time measurement of actual cybersecurity,” said Kundra, of the “Cyberscope” system that [...]

A HIPAA Twist That Can Hurt

compliancesoftware — Thu, 05 Nov 2009 18:48:26 PST

Here’s how it typically happens: Someone steals your Social Security or insurance policy numbers and uses it to pose as you to illegally obtain medical care. Since the provider thinks the impostor is the real you, information concerning the impostor’s condition and treatment is added to your medical record. Not only is this fraud, but [...]

HHS publishes interim final HIPAA rule

compliancesoftware — Sun, 01 Nov 2009 04:49:34 PST

Under the interim final rule published Friday, the following penalties for HIPAA violations will apply on or after Nov. 30: # The minimum civil penalty is $100 per violation if the covered entity was unaware of it and, by exercising reasonable diligence, would not have known about the violation. # The minimum civil penalty is $1,000 per [...]

Latest Reform Bill Would Revise HIPAA Standards, Track Medical Devices – iHealthBeat

compliancesoftware — Sat, 31 Oct 2009 21:04:28 PDT

HIPAA Transactions The latest House bill also includes a provision to establish national standards for electronic claims submission and other HIPAA transactions. The provision calls for officials to develop data exchange capabilities that can: * Determine a patient’s financial responsibility at the point of service; * Enable real-time claims adjudication; * Harmonize data sets from administrative and clinical transactions; and * [...]

Automated FISMA Reporting Tool Unveiled

compliancesoftware — Sat, 31 Oct 2009 20:55:27 PDT

The Office of Management and Budget this month unveiled an interactive collection tool called CyberScope that should help agencies fulfill their IT security reporting requirements under the Federal Information Security Management Act. via Automated FISMA Reporting Tool Unveiled.

Agency Infosec Spend a Mystery to OMB

compliancesoftware — Sat, 31 Oct 2009 20:52:45 PDT

The White House Office of Management and Budget does not know how much its departments and agencies specifically spend on IT security, Federal CIO Vivek Kundra told a Senate panel Thursday. Kundra said he was shocked to learn that the OMB never collected from agencies specific IT security expenditures, just aggregate data, when he took over [...]