.The Washington My Health My Data Act (WHMDA) is a new law that aims to protect the privacy and security of personal health information in Washington State. The law applies to any entity that collects, uses, or discloses personal health information in Washington or about Washington State residents. Not for profit organizations and patient advocacy
Assured SPC Blog
Blog Authors
Latest from Assured SPC Blog
The Washington MHMD law could have a big impact on your organization
There are many health data privacy and protection laws in the US. Most people know HIPAA protects their privacy and requires protection of their personal health information. But it only affects specific business that are classified as covered entities (doctors, hospitals, pharmacies, health insurance companies) and the companies that provide services to covered entities. These…
Worried about AI / ML?
This is a scary moment for AI / ML
This is a scary moment for artificial intelligence / machine learning (AI / ML). We are at a point where developers are implementing AI / ML wherever there it has potential value. It is being used for good applications including:
- Automation of helpdesk bots to answer
…
CIS Controls 8.0 Webinar
The post CIS Controls 8.0 Webinar appeared first on Assured SPC.
Agile Cybersecurity
Incremental or Agile Cybersecurity
Description: Organizations struggle with many cybersecurity issues. These issues include managing information security risk, changing threats and the cost of safeguards. An effective solution is to approach cybersecurity as a step-by-step journey. Barry Weber, vCISO and Privacy Practice Leader for Assured SPC, presented a view of how to improve cybersecurity without…
Finally, a test for “reasonable” security
Overview
Many privacy laws require that organizations implement “reasonable security”. There have been many definitions of reasonable security. The Sedona Conference issued a final commentary on reasonable security for personal information on February 17, 2021. This definition is likely to be accepted by courts and other adjudicators across the US. It is based on a…
Webinar: Cybersecurity (Without Boiling the Ocean)
Announcing a Secure The Village Webinar on Cybersecurity (without boiling the ocean)
Date and Time: March 11, 2021 (10-11am PT)
Description: Organizations struggle with many cybersecurity issues demanding attention, time and money. These issues include managing information security risk, the ever-changing landscape of threats and the cost of safeguards. An effective solution is to approach cybersecurity…
How to avoid or minimize the cost of privacy compliance
Minimizing privacy requirements is good for business
At Assured SPC, we help businesses satisfy regulatory and third-party requirements for information security and consumer/resident privacy. Whenever possible, we provide guidance on how to avoid and minimize cost and impact of privacy compliance requirements.
There is an answer
Businesses have a right to minimize the ongoing effort…
SolarWinds Orion Supply Chain Attack
Learnings from the SolarWinds Orion cybersecurity attack
Some details on the SolarWinds attack are coming out. Full details on the attack may not be fully understood for months. But we know it has been significant. I participated in an insightful webinar conducted by #cyberereason yesterday. There was a conclusion that I’ve been thinking about since.…
Top 5 CCPA Privacy Do’s (and Don’ts)
Top 5 CCPA Privacy Do’s (and Don’ts)
There is a lot of talk about legal privacy requirements, the steps to implement a privacy program and technology that can assist. Here is a list of what we consider the Top 5 Privacy must do’s or don’ts.
1. Get rid of personal information that does not have…