Monthly Archives: December 2010

FISMA capstone document released by NIST — Government Computer News

The National Institute of Standards and Technology has released a draft of its guidelines for implementing enterprisewide information risk management. The document defines the underlying principles for implementing the Federal Information Security Management Act.

via FISMA capstone document released by NIST — Government Computer News.

Healthcare Providers Receive FTC Red Flags Exemption from Congress

On Tuesday, December 7, the House by voice vote joined the Senate in passage of S.3987, the Red Flag Program Clarification Act of 2010. On November 30, 2010, the Senate passed this legislation by unanimous consent. The bill has been cleared to the White House for signature.

via HIPAA.com – Healthcare Providers Receive FTC Red Flags Exemption from Congress.

In 2011 The GRC Market Will Grow 20%, Driven More By Breadth Than Maturity | Forrester Blogs

On the heels of Forrester’s GRC Market Overview last month, this week we published my Governance, Risk, And Compliance Predictions: 2011 And Beyond report. Based on our research with GRC vendors, buyers, and users, this paper highlights the aggressive regulatory environment and greater attention to risk management as drivers for change

via In 2011 The GRC Market Will Grow 20%, Driven More By Breadth Than Maturity | Forrester Blogs.

Amazon Web Services achieves Level 1 PCI compliance

Amazon Web Services LLC (AWS), a subsidiary of Amazon.com, recently announced it has achieved Level 1 compliance with the Payment Card Industry (PCI) Data Security Standard (DSS). Merchants and other service providers can now run their applications on AWS PCI-compliant technology infrastructure to store, process and transmit credit card information in the cloud. Customers can use AWS cloud infrastructure

via InformationWeek – Cloud Computing – Amazon Web Services achieves Level 1 PCI compliance.

200 Breaches Impacting Almost 5.9 Million Individuals, with Theft and Loss of Laptops and PEDs Major Cause

As of today’s posting by OCR on its Website, there were 200 breaches involving 5,887,170 individuals that had been reported by covered entities. The dates of these breaches ranged from September 22, 2009 to October 17, 2010.

via HIPAA.com – 200 Breaches Impacting Almost 5.9 Million Individuals, with Theft and Loss of Laptops and PEDs Major Cause.