Archive | November, 2013

HIPAA Audit Tips – Conduit, Business Associate, or Something Else?

In a recent blog post we advised: “Be Careful Claiming “Conduit””. Two of our colleagues, Jason Riddle and Gary Ridner, attended the OCR/NIST 6th Annual Conference on Safeguarding Health Information in Washington in early June. Jason Riddle offers up this blog post and tip. Here’s today’s big tip – Sort out your Business Associate status before OCR does!

Continue Reading

Missing Mobile is Like Watching the Puck Fly By

Thanks to Andrew Hay for a retweet that I happened upon last night! Keli at Bluebox Security did a post entitled PCI DSS Ignoring Mobile Security is Irresponsible that discusses some of the implications of the Council’s lack of guidance and standards around this emerged (it was emerging five years ago) technology. While many security […]

Continue Reading

Hosed by Codeshares AGAIN

That’s a biggun! Yep, a little bit off topic, but that’s why I have a Diversions file! Some of you may remember a post I did for all of your frequent fliers a couple of years ago about some travel trouble I was having with airline tickets purchased as codeshares. In all fairness, this isn’t […]

Continue Reading