
HHS HIPAA Guidelines Target Tracking on Public Web Pages

The U.S. Department of Health and Human Services (HHS) has shared new guidance on HIPAA. This guidance focuses on using tracking technologies on public healthcare pages. This updated directive directly impacts healthcare organizations utilizing tools like Meta Pixel, Google Analytics, or session replay scripts. While these are effective for understanding user engagement, they may inadvertently collect PHI—protected health information—if configured improperly.

How compliance frameworks strengthen security and insurability

This blog was written in partnership with the Vouch team. Today, cyber threats are more pervasive than ever, with businesses facing increasing risks from data breaches, ransomware attacks, and regulatory fines. To mitigate these threats, many companies turn to cyber insurance for financial protection. However, securing and maintaining cyber insurance isn’t just about paying a premium.

Top 5 HIPAA Pitfalls That Lead to PHI Leaks on Websites

Maintaining HIPAA compliance on healthcare websites is crucial for protecting PHI (Protected Health Information) and upholding patient privacy. The Health Insurance Portability and Accountability Act (often referred to in short form as HIPAA or the portability and accounting act) was introduced in the United States to address the health insurance portability, security, and accountability requirements within the healthcare industry.

Security Threats to Payroll Data: How Can Your Firm Manage Them?

In modern, connected workplaces, security is a perpetual concern. Some departments in your organization handle high-risk information, such as personal employee data and company finances. Any data breach can bring on a reputational crisis and endanger internal strategic approaches. In February 2025, HR Dive reported the impact of a data breach at an employee screening services provider. The breach affected an unnerving 3.3 million people, leaking people's names and financial account information. Social Security numbers and other ID numbers also got compromised.

Egnyte CMMC Compliance Overview

Cybersecurity Maturity Model Certification (CMMC) is a certification program that’s required for all U.S. Department of Defense (DoD) contractors to ensure they have the necessary controls to protect sensitive information. CMMC is anticipated to appear in DoD contracts as early as mid-2025. Egnyte provides an EgnyteGov secure data enclave to help manage CUI and FCI and to help you achieve compliance. Sign up for our CMMC consultation to learn how Egnyte can help with your CMMC compliance journey, so you can continue bidding on DoD contracts.

AI and Compliance with Adam Winston

This week on the podcast, we bring in Adam Winston, former CSO of ActZero and current Field CTO for Managed Services at WatchGuard to discuss automating the SOC with AI. We cover the history of AI in SecOps, the good and bad applications of AI and Machine Learning, what the future looks like, and how compliance might impact our ability to get there.

Why Secure Custom Application Development Is a Must for Modern Businesses

Security isn't just a technical concern anymore; it's a core part of doing business. Many companies find themselves relying on pre-built software that wasn't designed with their specific risks or workflows in mind. These off-the-shelf tools may offer basic functionality, but they often lack the control, adaptability, and protection modern teams need. That's why more organizations are investing in custom application development: to build systems that fit their operations and protect what matters most.

4 lessons learned during our ISO 42001 audit

Vanta is proud to be one of the first companies to achieve ISO 42001 compliance with our audit partner Schellman, an ANSI-accredited ISO 42001 auditor. To prepare for and pass our audit, our team worked diligently to assess our specific business needs, communicate clearly with stakeholders and AI leadership, and complete formal training to learn how to develop, integrate, and deploy trustworthy AI systems in line with emerging laws and policies.