Category Archives: ISO 27001

$215,000 settlement that started from a report of 7 records

As required by HIPAA (45 CFR §§ 164.400-414), the Skagit County Public Health Department (Washington) reported that the HIPAA-related financial files of seven (7) individuals had been inappropriately accessed after they were moved to a server that permitted access by

ISO 27001 Courses

In partnership with the Professional Evaluation and Certification Board, we are pleased to offer the following ANSI accredited ISO Training Courses and Seminars. PECB Certified training course includes guidance for implementation, development for lead auditors and a wide variety of introduction

Memphis Regional Medical Center Health Data Breach

According to a public notice on May 9, 2013, Regional Medical Center in Memphis had a health data breach of approximately 1,200 records. So far the breach appears to be limited to those receiving outpatient services between specific dates. The

Payment Card Industry Data Security Standard

The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information maintain a secure environment. Essentially any merchant that has a Merchant ID

What’s the real power and value of using the guidance from ISO 27001 for HIPAA Compliance?

HIPAA compliance is not just about information security through technical IT security controls. Indeed, technical controls play a large role in protecting our information assets, but technology is only a part of the larger issue of risk management. Risk management is about protecting and ensuring the life and health of the business,