The PCI Security Standards Council Friday released its long-awaited guidance on how mobile payment acceptance applications can meet PCI standards .
The council today listed the types of mobile applications now measured by the security standards, and which types require further review.
via PCI Council says mobile payment apps can meet security standard.
Until such time that it has completed a comprehensive examination of the mobile communications device and mobile payment application landscape, the Council will not approve or list mobile payment applications used by merchants to accept and process payment for goods and services as validated PA-DSS applications unless all requirements can be satisfied as stated
via PCI SSC Nixes PA-DSS Certification For Mobile Payments Applications – For A While « PCI Guru.
The National Institute of Standards and Technology (NIST) has issued the final version of its Guide to Industrial Control Systems (ICS) Security (SP 800-82),* intended to help pipeline operators, power producers, manufacturers, air traffic control centers and other managers of critical infrastructures to secure their systems while addressing their unique performance, reliability, and safety requirements
via Final Version of Industrial Control Systems Security Guide Published, National Inst.
An Alabama woman has been charged with violations of the HIPAA privacy rule for stealing paper surgery schedules of about 4,500 patients from Trinity Medical Center in Birmingham and intending to use the names, dates of birth and Social Security numbers to commit identity theft.
via Woman Faces Criminal Charges for HIPAA Privacy Violations.
On Tuesday, June 14, 2011, the PCI SSC released an Information Supplement regarding Virtualization Guidelines. Not only does this Information Supplement cover virtualization from a VMware and Hyper-V perspective, but also goes into cloud computing.
via PCI SSC Releases Virtualization Guidelines « PCI Guru.
Thursday, June 2, 2011, we were able to confirm that information taken from RSA in March had been used as an element of an attempted broader attack on Lockheed Martin, a major U.S. government defense contractor. Lockheed Martin has stated that this attack was thwarted
via Open Letter to RSA SecurID Customers.
An Alabama woman has been charged with violating the HIPAA Privacy Rule following allegations that she stole identifying information on about 4,500 patients from Trinity Medical Center in Birmingham
via HIPAA Violation Charged in Records Theft.
Legal experts say a Michigan court ruling over disclosing patient names places tighter restrictions on what information physicians can release during legal proceedings.
The decision also could impact peer review and lead to a rise in lawsuits against health care professionals over patient-privacy violations, they said.
via amednews: Michigan law trumps HIPAA in patient privacy case :: June 6, 2011 … American Medical News.
7 tips to avoid HIPAA violations in social media
via 7 tips to avoid HIPAA violations in social media.