Category Archives: FISMA

Federal Information Security Management Act of 2002

Insurance exchanges’ IRS Publication 1075 data compliance new to many

Protecting that tax data requires more than just HIPAA compliance. Separate breach reporting and data encryption rules apply, for example, and the IRS has some fairly specific rules for physical safeguards, including a prohibition on drop ceilings and prescriptions for cubicle wall heights where FTI is handled.

via Insurance exchanges’ IRS Publication 1075 data compliance new to many.

IRS Leaves Taxpayer Data Insecure, GAO Finds

The Internal Revenue Service still has IT security holes that could put taxpayer data at risk, according to a report from the Government Accountability Office.The IRS identified the security of taxpayer data as its top management priority for fiscal 2013, and the GAO credits the agency for steps taken in response to security issues identified in earlier audits of its computer systems. But the report notes that some problems with the agencys financial and tax-processing systems remain and identifies new ones.

via IRS Leaves Taxpayer Data Insecure, GAO Finds – Government – Security.

Q&A: Teresa Carlson of Amazon Web Services Discusses GovCloud | WHIR Web Hosting Industry News

The new AWS GovCloud Region offers the same high level of security as other AWS Regions and supports existing AWS security controls and certifications such as FISMA, SAS-70 Type II, ISO 27001, FIPS 140-2 compliant end points, and PCI DSS Level 1

via Q&A: Teresa Carlson of Amazon Web Services Discusses GovCloud | WHIR Web Hosting Industry News.

Final Version of Industrial Control Systems Security Guide from NIST Published

The National Institute of Standards and Technology (NIST) has issued the final version of its Guide to Industrial Control Systems (ICS) Security (SP 800-82),* intended to help pipeline operators, power producers, manufacturers, air traffic control centers and other managers of critical infrastructures to secure their systems while addressing their unique performance, reliability, and safety requirements

via Final Version of Industrial Control Systems Security Guide Published, National Inst.