Are you in danger of missing the HIPAA Omnibus?
August 28, 2013, Ken Ballard,
On September 23, 2013, many companies will be required by law to comply with HIPAA…and they don’t even know it. Specifically, the final HIPAA Omnibus Rule pulls all companies under the law if they store, process, or transmit PHI data as part of their business processes. While the Omnibus Rule was drafted in late 2012, Coalfire still sees a lot of confusion among service providers, or business associates.
Highlights of Newly Released PCI DSS 3.0 Information
August 15, 2013, Matt Getzelman, PCI Practice Director
The standards are coming! The PCI SSC has finally let loose with some much needed information regarding the upcoming releases of the PCI DSS 3.0 and PA DSS 3.0 standards. Available on the PCI SSC website; the document titled “Version 3.0 Change Highlights” contains information on what PCI stakeholders can expect in the upcoming release of the new security standards:
MAPCO Incident Highlights the Risks Faced by All Convenience Stores
August 13, 2013, Chris Lietz, Vice President, Marketing & Channels
On May 6, 2013, convenience store operator MAPCO Express, Inc. did a responsible thing – they issued a press release that shared important information about a data security incident that was discovered at their stores. Such notices ---along with a whole lot of behind-the-scenes investigative work – are standard operating procedure when incidents are discovered.