What are you doing to celebrate Data Privacy Day? Led by the National Cyber Security Alliance, a nonprofit focused on cyber security education for online citizens; Data Privacy Day is celebrated every January 28th. Data Privacy Day recognizes the 1981 Convention 108, which was the first legally binding international treaty dealing with privacy and data protection, according to StaySafeOnline.org.
Business Data Security Resources
The purpose of Data Privacy Day is to empower people to protect their privacy and escalate the protection of privacy and data. The first step to empowerment is knowledge. Therefore, I have put together a number of personal privacy, mobile security and HIPAA & PCI compliance resources for businesses. Enjoy and celebrate!
Personal Privacy & Identity Theft
HIPAA and PCI Compliance
- HIPAA Compliant Hosting White Paper: Describes a HIPAA compliant data center IT architecture, contractual requirements, benefits and risks of data center outsourcing and vendor selection criteria.
- HIPAA Glossary of Terms: A collection of basic HIPAA terms to help you understand HIPAA compliance.
- HIPAA Resources: Policies, Procedures and Training Materials: HIPAA compliant resources for companies needing examples of HIPAA policies, procedures and training materials.
- Understanding HIPAA Privacy for Covered Entities: Learn what entities must comply with the HIPAA Privacy and Security Rules, the requirements of the HIPPA rules, and assistance to implement and maintain HIPAA compliance.
- OCR Summary of HIPAA Privacy Rule: Includes key elements of the Privacy Rule, who is covered, what is protected, individual rights, and uses and disclosures of protected health information.
- PCI Compliant Hosting White Paper: Explores the impact of the PCI DSS standard on data centers and server infrastructure, describes the architecture of a PCI compliant data center.
- What is PCI Compliance?: Understand the Payment Card Industry Data Security Standard (PCI DSS) requirements and who needs to be PCI compliant
- PCI Glossary of Terms: A collection of basic PCI terms to help you understand PCI compliance.
- PCI Report on Compliance: A PCI Security Standards Council template for PCI compliance.
Data Privacy for Mobile Security
- Mobile Security White Paper: Explores approaches to mobile security from risk assessment, enterprise architecture, policies and technologies, and mobile security architecture.
- BYOD: From Concept to Reality: During this presentation, Kirk Larson, VP & CIO at Children’s Hospital Central California, explains how the hospital uses a virtual environment to securely manage a BYOD (Bring Your Own Device) environment.
- Overcoming Cloud-Based Mobility Challenges in Healthcare: This webinar reviews the common challenges associated with mobile enablement, and introduces the new technologies that are empowering healthcare providers to securely engage their patients and practitioners through the mobile channel.
- Bring Your Own Device: Addressing the Security Challenges of Employee-Owned Devices in the Workplace: Archived Recording of a National Webcast Initiative available from MS-ISAC (Aug. 25, 2011)
- 2012 State of Mobile Health IT: The 2nd Annual HIMSS Mobile Technology Survey, sponsored by Qualcomm Life, found that over 90 percent of respondents reported physicians using mobile technology in their everyday operations.
- Latest Federal Mobile Malware Report: The Internet Crime Complaint Center (IC3), a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C), recently released a report on the latest versions of mobile malware to affect Android smartphones.
- PCI Mobile Payment Security Recommendations Released by PCI SSC: The PCI SSC (Payment Card Industry Security Standards Council) just released a document addressing mobile device (smartphone, tablet or PDA) payments, PCI Mobile Payment Acceptance Security Guidelines, version 1.0.
- Bring Your Own Device: Dealing with Trust and Liability Issues: Forbes (Aug. 17, 2011)