Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Feroot

The Hidden Cost of Web Pixels - A Privacy and Security Nightmare

Hey everyone, let’s talk about something we all encounter every day on the internet: web pixels. You might know them as tracking pixels or pixel tags. These tiny snippets of code, often invisible to the naked eye, are embedded in websites and emails. They might seem harmless, but they can have big consequences for your company’s privacy and security.

Is Your Company's Website Compromising Customer Data?

If you are a security, compliance, and privacy professional, it’s time to focus on an often-ignored issue—client-side security. While many organizations dedicate significant resources to protecting their servers, there’s a critical question to consider: are you also safeguarding what’s happening on your users’ browsers?

Is Your Hospital Sharing Patient Data with Facebook? A Guide for Security and Privacy Teams

Recent lawsuits have revealed a critical privacy concern for healthcare providers – the sharing of patient data with Facebook through tracking pixels. We wrote this article to help your security and privacy teams assess their risk, identify key stakeholders, and understand the urgency of this issue.

Is Your Website Leaking Sensitive Patient Information to Facebook? A disturbing story about HIPAA (and How to Avoid It)

Picture this scenario: You’ve used every tool you have to secure your web pages and forms so patient information is safe. One day, a potential patient Googles “hysterectomy options” and ends up on your hospital’s website. They browse around, maybe even schedule an appointment online. You have no reason to worry, right? Because you’ve done what you could to secure those pages.

Navigating HIPAA Compliance When Using Tracking Technologies on Websites

Websites have become indispensable tools for healthcare organizations to connect with patients, streamline operations, and enhance service delivery. Modern websites are composed of components that “build” unique user experiences in real time.However, the use of tracking technologies on these websites presents unique challenges in complying with the Health Insurance Portability and Accountability Act of 1996 (HIPAA).

Unauthenticated Webpages: Hidden HIPAA Risks on Public-Facing Websites

When we think about HIPAA compliance and websites, the focus often shifts to patient portals, online scheduling systems, and other secure areas requiring user authentication. However, it’s crucial to recognize that even unauthenticated webpages, those accessible to the public without logging in, can present hidden HIPAA risks. Let’s explore these often-overlooked vulnerabilities and discuss how covered entities can mitigate potential compliance pitfalls.

Websites and HIPAA: Navigating Online Tracking Technologies

Today, healthcare providers, insurers, and other HIPAA-covered entities are increasingly relying on websites to share information, engage with patients, and streamline operations. While websites offer numerous benefits, it’s crucial to understand the implications of online tracking technologies for the privacy and security of protected health information (PHI).

How to comply with PCI DSS 4's Req 6.4.3 and 11.6.1 in 4 minutes or less?

Being PCI DSS 4 compliant is crucial for e-commerce merchants—businesses that accept credit card payments on their websites and web applications. The new PCI DSS requirements (6.4.3 and 11.6.1) are designed to strengthen payment page security, and if you’re processing online payments, you’re likely required to comply. Compliance helps protect your customers’ sensitive payment information while ensuring the integrity and security of your payment process.

What Is the Cheapest Way to Comply with PCI DSS Requirements 6.4.3 and 11.6.1?

If you’re running a business that takes online credit card payments, you know that you’ve got to become compliant with PCI DSS Requirements 6.4.3 and 11.6.1. Meeting these requirements is crucial for PCI DSS Version 4 Compliance and helps prevent costly data breaches. However, the costs of compliance tools can add up quickly, especially for small businesses. In particular, PCI DSS requirements 6.4.3 and 11.6.1 can seem daunting.

How to Achieve HHS Requirements and Avoid HIPAA-related Lawsuits on Your Website

Healthcare organizations today face an imminent threat to securing private health information (PHI) on their websites. For this reason, HHS has released requirements to help organizations and patients stay protected. Non-compliance can result in HIPAA violations leading to costly lawsuits. Most healthcare companies use tracking technologies for marketing and analytics. Sometimes these trackers, cookies, and pixels collect and share more health information than is necessary, leading to privacy breaches.