This year marks the 13th annual National Cyber Security Awareness Month (NCSAM), which kicked off on October 1, 2016 (you can follow all of the action on Twitter by using the hashtag #CyberAware). The NCSAM theme for this week is “Cyber Security from the Break Room to the Board Room,” which provides an opportunity to… Read More
The New York State Department of Financial Services (NYDFS) has recently proposed a detailed and wide-ranging set of cyber security regulations for insurers, banks, and other regulated financial entities. While the proposed requirements do not spell out what means may be used to enforce the requirements, nor possible penalties, the NYDFS has broad criminal and civil… Read More
Big or small, if you are a covered healthcare entity or business associate that handles protected health information (PHI) in any capacity, you should be aware that the U.S. Department of Health and Human Services Office for Civil Rights (OCR) is notably strengthening enforcement and sanctions related to the HIPAA Security and Privacy Rules. In… Read More
What Boards Really Need to Know About Cyber Security Delta Risk’s Founder and Executive Chris Fogle dove into the subject of cyber security perspectives for boards and business executives in Part I of our board perspectives blog and in yesterday’s presentation at CyberTexas 2016. He also took a few minutes with The CyberWire Friday podcast to discuss board responsibility when it… Read More
What Boards Really Need to Know About Cyber Security Delta Risk’s Founder and Executive Chris Fogle dives into the subject of cyber security perspectives for boards and business executives. In addition to presenting on this topic today at CyberTexas 2016, he took a few minutes with The CyberWire Friday podcast to discuss board responsibility when it comes… Read More
The verdict is in: after much deliberation, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) confirmed that a ransomware attack should be classified as a breach of electronic protected health information (ePHI) under HIPAA, unless there is substantial evidence to the contrary. As we touched on in our previous blog, the OCR… Read More