One of the biggest challenges that global organizations face is the pervasive risk of serious fines as mandated by consumer data privacy regulations. The EU General Data Protection Regulation (GDPR) is among the toughest data protection laws. Under the GDPR, the EU’s data protection authorities can impose fines of up to €20 million (roughly $20,372,000), […]
The last several years have seen an ever-increasing number of cyber-attacks, and while the frequency of such attacks has increased, so too has the resulting damage. One needs only to look at CISA’s list of significant cyber incidents to appreciate the magnitude of the problem. In May of 2021, for example, a ransomware attack brought […]
In its latest security update, SAP announced the patching of a total of 13 security flaws, all considered critical and of high severity. The most serious of these failures were tracked as CVE-2020-10683 and CVE-2021-23926, two XML injection errors that received scores of 9.8/10 according to the Common Vulnerability Scoring System (CVSS). As some users […]
SOX refers to the Sarbanes-Oxley Act, a US law that lays out requirements to ensure the integrity of source data pertaining to financial transactions and disclosures. Introduced in response to the financial scandals of the early 2000s, it aims to help shield investors from fraudulent or misleading financial reports. So what is this topic doing […]
For many companies, data compliance regulations are a huge burden, and one that’s only getting heavier. The GDPR regulations introduced in the EU last year were just the tip of an iceberg of customer confidentiality and permission requirements. Hot on its heels comes the California Consumer Protection Act (CCPA), due to become effective in January […]
PCI DSS Non-Compliance impacting the business in various ways and leads to a variety of consequences. PCI DSS is a set of information security standards for corporations that help safeguard payment card data from data loss, theft, or other accidents. It helps ensure trustworthy transactions by your merchants or their customers. PCI DSS is not […]
SOX — the Sarbanes–Oxley Act — is public legislation in the US that helps “to protect investors by improving the accuracy and reliability of corporate disclosures made pursuant to the securities laws, and for other purposes.” Although the Sarbanes–Oxley Act is a legal obligation for every organization, it proves to be a beneficial business practice […]
Like many countries, national defense is a top priority for the United States. National defense is such a critical aspect of U.S. policy that the U.S. government created the International Traffic and Arms Regulation (ITAR) and required specific companies to follow ITAR compliance. ITAR definition The ITAR is a U.S. export control law that regulates […]
As more and more people are conducting their everyday financial transaction needs through the use of smartcards, that is the reality on the ground. People use less cash, and the growing demand for the use of debit/credit cards is globally speaking the release of EMV cards to replace magnetic stripe cards are not yet fully […]
Customers are looking for services and products that they believe are suitable for them. At the same time, these people expect safer and secure means for executing their transactions. While that is the case, businesses need to ensure their customers’ information remains protected. For that to happen, the following components of a PCI Compliance Checklist […]
The National Institute of Standards and Technology, or NIST, is a government agency (non-regulatory) that develops metrics, standards, and technologies that aim to drive both innovation and the economic competitiveness of organizations in the science and technology industry based in the U.S. NIST is tasked to create guidelines in order to help federal agencies meet […]
In today’s digital world, information is the most important asset of many companies. This forms much of their business decisions and potential to earn money. This is also why others try to target corporate data. To counter this, FISMA compliance was created. What is FISMA compliance? FISMA is an abbreviation of the Federal Information Security […]
HIPAA Definition The Health Insurance Portability and Accountability Act (HIPAA) is a bill that was signed by then-President Bill Clinton in 1996. One of this act’s main goals is to update the flow of healthcare information and consequently improve the protection of patient data. Through HIPAA compliance, reducing of health care fraud and abuse is […]
The United States Congress passed the Sarbanes-Oxley Act (SOX) in 2002. This was introduced to protect shareholders and the general public from fraudulent practices in enterprises and accounting errors. It was intended to improve the accuracy of corporate disclosures. The act sets a rule on requirements deadlines for compliance and publishes. The act was drafted […]
The regulatory agency in Italy declared that the social network is guilty of deceiving consumers regarding the use that gives their data Facebook has been fined by European authorities for the second time for breaches related to users’ privacy. This time, the authority that has decided to fine the company is Italian Competition Authority (ICA), […]
Update your GDPR Compliance plugin right now. Security researchers have identified a critical vulnerability in the popular WP GDPR Compliance plugin assisting over 100,000 website owners around the world to comply with European privacy regulations known as GDPR that was announced by European Union on May 25th, 2018. The vulnerability was discovered by researchers at Wordfence which allows hackers to […]
The General Data Protection Regulation became enforceable on May 25th, 2018, and since then, the risk of a cyber breach has become considerably more concerning for those hosting and processing the information of EU citizens. From massive fines (think €20 million!) to damaged reputations, the consequences of complacency on the subject of data protection and […]
Organizations that gather data of citizens in the European Union (EU) nations should agree to strict new standards around ensuring client information by May 25. The General Data Protection Regulation (GDPR) is relied upon to set another standard for consumer rights with respect to their information, however, organizations will be tested as they set up […]
Data protection has never been more important, and keeping up to date on your requirements as business is becoming a vital part of your business management. With the introduction of the General Data Protection Regulation (GDPR) that comes into effect in May 2018, it’s vital to ensure that you are protecting the data that your […]
As modern technology progresses, we often find that the ways we used to do things grow inefficient and they need to be modernized. The Gramm-Leach-Bliley Act (GLBA) is one of the provisions that has been enacted to help banks use all of the technology at their disposal, but it can be somewhat complicated. Over the […]
This is a quick reminder that the September 23 deadline for compliance with the new HIPAA regulations is rapidly approaching. Organizations that handle protected health information (PHI) need to be sure they are up to speed on the changes and ready to withstand scrutiny. In general, you will need new NPPs and BAAs (Notices of