Security Standards

HIPAA 5010 and ICD-10: The Road to Compliance

Healthcare payers and providers are facing two major compliance initiatives over the next couple of years: conversion from the HIPAA 4010 electronic transaction set to the 5010 set and conversion from ICD-9 codesets to ICD-10. These initiatives will impact nearly every core process, system and interface across the industry, and industry costs are expected to be in the billions of dollars. Although healthcare stakeholders are facing 2012 and 2013 regulatory deadlines, few have begun actively planning for conversion. Industry research has shown that many organizations are still in the information gathering phase, trying to assess potential impacts on themselves, their vendors and business partners.

Risk Assessments: The Key to Continuous Compliance

Just about every person who runs and manages businesses will agree that, in order to compete in the marketplace, a company must assume a certain amount of risk. But they would also agree that the risks have to be calculated risks based on hard data, historical information and some sort of cost-benefit analysis. In most cases, "Leaping before looking" will ultimately lead to failure. That is why traditional risk management is founded on maintaining stability by mitigating risk. But before a company can determine how to mitigate the risk, they must identify the specific risk factors and evaluate which risks are to be managed and which are to be avoided.

Mitigate Risk with Compliance Management Solutions from Novell

In today's environment of rapid change and porous networks, firms take risk just by staying in business. Recording changes is no longer enough because compliance is not just about filling out forms. It is also about managing risk, and turning it into a strategic asset, a transformation enabled by Compliance Management solutions from Novell.

Hands-Free Compliance - The Key to Doing More With Less

With more compliance loopholes coupled with a shrinking number of resources, organizations need a technological foundation that automates compliance processes.

TechNet Webcast: The Case for Data Governance to Maintain Privacy, Confidentiality and Compliance (Part 1 of 4) (Level 100)

As organizations handle growing volumes of personal data and use it in more diverse ways, they must contend with greater risks and complex compliance requirements to meet government, consumer, investor, and employee expectations for security and privacy. In addition to this, organizations also have to worry about maintaining the confidentiality and integrity of their intellectual property and other trade secrets. This webcast is for IT professionals and technical or business decision makers who are looking to understand the key data security, privacy, and compliance-related concerns, what data governance is and what it encompasses, and how data governance compliments IT governance and compliance.

Harmonizing Controls to Reduce Your Cost of Compliance

Mounting regulations across the globe have increased the cost and burden on organizations. The high cost is especially felt by organizations which must adhere to multiple requirements - 75 percent of organizations must comply with two or more regulations and corresponding audits and more than 40 percent must comply with three or more regulations.

Audit preparation typically occurs in functional silos, with different project teams focused on addressing an individual compliance initiative, resulting in significant operational inefficiencies and higher costs to demonstrate compliance.

This webinar examines the Unified Compliance Framework and how it can be leveraged to harmonize controls across multiple regulations such as PCI, SOX, HIPAA, NERC and many others. Learn how to eliminate overlapping control requirements and ensure a more efficient and less costly approach to compliance.

Keys to Aligning Security and Compliance - How to Connect the Dots

The pressure is on as organizations today face mounting demands to maintain an enterprise-wide security posture while adhering to the growing number of compliance regulations. Without the right processes and tools to effectively navigate through the security and compliance maze, IT professionals often resort to manually poring through spreadsheets and pulling together all of the necessary data and proof points to pass their audit and check the compliance box. But it doesn't have to be this painful with today's innovations in compliance and IT risk management. By aligning and connecting the dots across security and compliance, organizations can create business value as policies and procedures can be formalized and security of data and other assets preserved. In this webcast, Nigel Stanley, analyst with Bloor Research and Alan Bentley, VP of Lumension, examine:

• The types of risks introduced by poor compliance and security failures
• The impact to an organization's brand and reputation as well as the costs to the bottom line
• Practical steps organizations should take to align security and compliance initiatives

Compliance & Best Practices for Email Marketers

Whether one is new at sending email campaigns to contact lists or are a seasoned veteran of email marketing, one faces many challenges in the struggle to keep the email practices compliant. The list must be up to date, while every member in it must be opted in, using clear terms. This white paper aims to dispel the myths of delivery, addresses the concerns of legitimate marketers, and explains the expectations of both the recipients and their email hosting providers.

Intellitactics: 5 Steps to Everyday Compliance - Extracting Long Term Value With the Lowest Total Cost of Ownership

One knows compliance is not an event that one preps for whenever the Qualified Security Assessor is on site or the auditors are making their rounds. Instead, effective and efficient security practices enable everyday compliance. Everyday compliance strengthens enterprise security, is more likely to prevent costly data breaches. Many believe that in the case of headline grabbing data breaches the companies involved may very well have been compliant with certain standards at a given point in time. But during the days, weeks or months leading up to breaches, which cost their company and their customers millions of dollars, some policy was violated, some process overlooked, some safeguard penetrated.

Database Security and Compliance Risks

The impact of security weaknesses like those described in this report on society at large have not escaped the attention of governments around the world - many are now demanding action. Upon the release of the report, President Obama declared that he would henceforth treat the nation's entire digital infrastructure as a critical asset. The president stated, "Protecting this infrastructure will be a national security priority. The paper will ensure that these networks are secure, trustworthy, and resilient. The paper will deter, prevent, detect, and defend against attacks and recover quickly from any disruptions or damage."