All Aboard the HIPAA Omnibus - but is the ‘bus’ missing anything?
February 06, 2013, Andrew Hicks, Managing Principal, Coalfire
In the wake of the recently-released HIPAA Omnibus Rule with its upcoming deadline, healthcare organizations are trying to figure out how they’re going to achieve compliance. We’ve been busy trying to get through the 563-page rule and determine what it means to our clients.
Long-awaited HIPAA Omnibus Rule is Unveiled
January 21, 2013, Andrew Hicks, Managing Principal, Coalfire
As of January 17, 2013, the HIPAA Omnibus Rule has finally been released by the Department of Health and Human Services (HHS), which will modify the HIPAA privacy, security, and enforcement rules. The package of regulations, in regard to this long-overdue HIPAA Omnibus Rule, will officially be posted on the Federal Register on January 25, 2013 and will be put into effect on March 26, 2013. Covered entities and business associates will have until September 23, 2013 to comply with the new regulations.
FedRAMP PMO - FedRAMP Process and Developing SSP webinar Q&A
January 16, 2013, Tom McAndrew, EVP Commercial Services, Coalfire
The FedRAMP program continues to gain momentum and GSA and the FedRAMP PMO conduct great, interactive, webinars available to attend live or to watch later. There is much to learn from the GSA on how to navigate the FedRAMP process according to their requirements. Read more
South Carolina Data Breach Survey Results on Residents' Attitudes
January 15, 2013, Rick Dakin, CEO, Co-founder and Chief Security Strategist
Coalfire recently conducted a survey of South Carolina residents who were victims of the recent data breach at the Department of Revenue. The data breach affected residents of the State who had filed their taxes online exposing 3.8 million taxpayer Social Security numbers and nearly 400,000 credit and debit card numbers.
The PCI SAQ P2PE-HW: Patience, POIs and PIMs
January 15, 2013, Dan Fritsche, Practice Director, Coalfire Labs
The new PCI SAQ P2PE-HW (Point to Point Encryption Self-Assessment Questionnaire) was released in July 2012, and many merchants are excited about the prospect of a shorter, less arduous compliance validation effort. After all, it’s significantly shorter than the SAQ-D; instead 12 sections, there are 4, and 284 controls are reduced to 19.