Here’s a quick look at the requirements service providers are expected to do for PCI DSS 3.2 and 3.2.1.
If your organization has ever had a Payment Card Industry Data Security Standard (PCI DSS) assessment, you’ve probably noticed the big emphasis on having documented security policies and procedures.
A risk analysis is the first step in an organization’s Security Rule compliance efforts.
Which data breach predictions came true in 2017 and what to expect for 2018. SecurityMetrics' Forensic Investigations Team has been helping business recover from data breaches and theft for over eighteen years.
We include an PCI IT Audit checklist PDF in our PCI Guide to give IT teams the support they need to fulfill each PCI DSS requirement, one by one.
Helping employees work from home securely is important for all businesses, but with this post we especially want to support SMBs and those companies without large staff or in-house security professionals.
Ransomware attacks are a type of malware. Malware means “malicious software” or “malicious executable.” On the evil scale, ransomware is near the top. It’s nasty stuff that you don’t want any part of.
The online payments ecosystem is plagued by formjacking attacks that siphon credit card data and other protected information from shopping cart pages.
Ecommerce business owners using Magento 1x need to be aware. All Magento 1 shops are at the end of life. What does that mean?
To protect the health of employees from the coronavirus (COVID-19) pandemic and to minimize the risk of financial losses due to productivity concerns, many companies are making plans to allow for employees to work from home.
Employees who irresponsibly use social media can potentially invite some serious HIPAA violations.
Fully understanding where PHI resides takes a lot of interdepartmental communication.
Would it surprise you to learn that most breaches originate from healthcare workforce members?
Privacy and security are much more than simply having a HIPAA compliant EHR.
Work on these small HIPAA compliance steps for at least 10 minutes per day for an entire month.
An industry-recognized methodology must be used when conducting a penetration test.
Learn more about PCI merchant levels and how they affect PCI requirements.
Far too many healthcare organizations are losing data and they don’t even know it.
The EU General Data Protection Regulation (GDPR) will come into effect on May 25, 2018.
Payment Card Industry (PCI) compliance is required for any organization that takes payment cards.
Maintaining HIPAA compliant passwords is a key step towards protecting ePHI.
HIPAA includes many such acronyms, mostly security-related.
Don’t forget to document every HIPAA compliance effort as evidence to present to the OCR if your entity is chosen for auditing.
.svg)
