Tag Archives: HIPAA

If HIPAA Compliance Seems Too Hard … Then You’re Doing it Wrong. Here are the Basics of Doing it Right.

In April of 2013 the Office of Civil Rights, the branch of the Department of Health and Human Services that oversees compliance with the HIPAA Security Rule, started releasing analysis from their pilot audit of Security Rule compliance. In 2012, OCR and their audit partner KPMG set out to assess 115 organizations: hospitals, insurance companies, […]

SEIM Many Logging Options – What to Do?

Log and Security Event Information Management (SEIM) are two of the 20 Controls that SANS lists for network security. They are also some of the more controversial ones. Logs are very much like digital fingerprints for one’s network and applications. It has great value for both noticing exploits (visibility) and forensically investigating those which have already […]

How Business Pushes Information Security Compliance

The United States is an exceptional country in many ways, not least of which is that we don’t like doing what governments tell us to do. It’s in our moral fiber to rebel. One telling example of this was expressed in a historical article comparing US railroads to European railroads in the nineteenth century. What […]