http://www.compliancehome.com/ ComplianceHome is one of the Web's largest library of resources for compliance management of HIPAA, SOX, FISMA, GLBA, FDA, COOP & COG, FFIEC, Basel II, OSHA and ISO 27002/17799. Visit our directories which are the best source on White papers, related news articles, resources on the web, training, webinars, conferences, rules & regulation overview, ask the expert, job and search on vendors, solutions & products. http://www.compliancehome.com/images/rsslogo.gif http://www.compliancehome.com/ en-us Thu, 24 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/Basel-II/13178.html WorldExtendR, provider of remote data and application access software,has announced that its IronDoorR 3.5 remote network access software will make it simple for small to medium sized organizations to immediately implement a realistic telecommuting program for staff. This follows recent research from such respected institutions as the Telework Exchange and MSNBC confirming that telecommuting can significantly reduce both environmental pollution and fast-escalating travel costs associated with inflated gas prices. IronDoor 3.5's software-based secure remote network access enables small to medium sized organizations to set up a telecommuting or telework program by providing staff with secure, anytime/anywhere access to both applications and data (similar to Citrix). By ensuring that remote users can now securely access any resources they require, IronDoor 3.5 will facilitate staff in the reduction of rapidly-escalating costs associated with commuting - which recent MSNBC research estimat http://www.compliancehome.com/news/Basel-II/13178.html Wed, 23 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/HIPAA/13176.html PointSecure, provider of security and auditing solutions for OpenVMS systems, announced a strategic alliance with PARSEC Group, a full-service training, support, and consulting company for OpenVMS, Tru64 UNIX, HPUX, AIX, Linux, and Microsoft products. By integrating PointSecure solutions into their Remote Systems Management services, PARSEC Group customers can be confident that their OpenVMS systems are secured by premier security products from PointSecure. The OpenVMS expertise at PARSEC Group is unmatched, said Nick Futter, vice president of Channel Development at PointSecure. This is a unique partnership providing customers with an enhanced offering including software, services and training for their OpenVMS security and compliance needs. http://www.compliancehome.com/news/HIPAA/13176.html Wed, 23 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/HIPAA/13175.html FairWarning,supplier of cross-platform healthcare privacy auditing solutions for Electronic Health Records, today announced in the first six months of 2008, the company more than doubled revenues over the same time period of the previous year. FairWarning(R) transitioned from break even to profitable during the first half of 2008. The company expects by year end 2008, to double 2007 revenues. FairWarning has experienced a spike in sales of its privacy auditing solutions across every sector of the healthcare industry including: hospitals, health systems and major physician offices. FairWarning attributes its triple-digit growth and growing customer base to a drastic increase in major identity theft and employee snooping incidents. Additionally, the news of HIPAA audits has fueled an industry-wide realignment of priorities with privacy and security compliance at the top of mind for healthcare organizations. http://www.compliancehome.com/news/HIPAA/13175.html Wed, 23 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/FDA/13174.html NexMed announced the receipt of a non approvable letter from the U.S. Food and Drug Administration (FDA) in response to its New Drug Application (NDA) for its topical treatment for erectile dysfunction (ED). The major regulatory issues raised by the FDA were related to the results of the transgenic mouse carcinogenicity study which NexMed completed in 2002. Commenting on today's announcement, Vivian Liu, President and Chief Executive Officer of NexMed said, The transgenic mouse concern raised by the FDA is product specific, and does not affect the dermatological products in our pipeline. While we are disappointed by the FDA's decision, the deficiencies cited in their letter were not unexpected. One positive outcome is the fact that the FDA did not cite the lack of completion of our long term open label safety study as a deficiency. We are encouraged that we do not need to redo this study, which would have taken up to 18 months to complete and at a substantial cost. http://www.compliancehome.com/news/FDA/13174.html Wed, 23 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/FDA/13173.html The U.S. Food and Drug Administration (FDA) announced it is launching a two-year fellowship program aimed at attracting scientists, engineers and health professionals to the agency. The FDA Commissioners Fellowship Program will provide participants with advanced training in the scientific analysis involved in the safety and regulatory decisions unique to the agencys mission. Attracting the best scientists to FDA helps us make timely decisions and give doctors and patients helpful and accurate advice about treatment options. And timely decisions encourage more investment in developing new drugs and better medical devices, said Deputy Secretary of Health and Human Services Tevi D. Troy. The FDA Commissioners Fellowship Program will not only bring great fellows in the door, but encourage them to make FDA their career. http://www.compliancehome.com/news/FDA/13173.html Wed, 23 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/FDA/13172.html The U.S. Food and Drug Administration today issued a final regulation that makes early phase 1 clinical drug development safe and efficient by enabling a phased approach to complying with current good manufacturing practice (CGMP) statutes and FDA investigational requirements. To facilitate this new approach, the regulation exempts most phase 1 investigational drugs from the requirements in 21 CFR part 211 FDA will continue to exercise oversight of the manufacture of these drugs under FDAs general statutory CGMP authority and through review of investigational new drug (IND) applications. A companion guidance recommends an approach for complying with CGMP statutory requirements such as standards for the manufacturing facility and equipment, the control of components, as well as testing, stability, packaging, labeling, distribution, and recordkeeping. http://www.compliancehome.com/news/FDA/13172.html Wed, 23 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13171.html Guardium, the database security company, and BMC Software are hosting a Webcast to provide government agencies with effective strategies for safeguarding Personally Identifiable Information (PII) in sensitive databases and easily complying with OMB M-06-16. The OMB directive states that government departments and agencies must log all extracts from databases holding sensitive information and verify each extract including sensitive data has been erased within 90 days or its use is still required. Major government agencies, such as the Federal Trade Commission, have already improved database security and addressed compliance regulations by deploying Guardium's database activity monitoring (DAM) solution. Guardium 7 monitors and tracks all access to sensitive data, across all major DBMS platforms and applications, without impacting database performance or requiring changes to applications. http://www.compliancehome.com/news/SOX/13171.html Tue, 22 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/FDA/13169.html Cell Therapeutics has announced that the Company has scheduled a meeting with the U.S. Food and Drug Administration (FDA) in September to discuss the possibility of filing a supplemental Biologics License Application (sBLA) for use of Zevalin-ibritumomab tiuxetan) as consolidation therapy after remission induction in previously untreated patients with follicular non-Hodgkin's lymphoma. The basis for the filing would be data from the First-line Indolent Trial that CTI recently gained access to through an agreement with Bayer Schering Pharma. http://www.compliancehome.com/news/FDA/13169.html Tue, 22 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/Basel-II/13168.html OpenPages, provider of enterprise GRC management solutions that optimize business performance, today announced that FirstRand Banking Group, one of South Africa's largest banking organizations, has selected the OpenPages Operational Risk Management (ORM) solution to address Basel II capital allocation costs as part of the company's overall risk management strategy. FirstRand selected OpenPages ORM because of the solution's rapid time to value and its overall functionality, as well as OpenPages' highly regarded domain expertise and leadership position in the risk management space. http://www.compliancehome.com/news/Basel-II/13168.html Mon, 21 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/FFIEC/13167.html Envysion has announced that it has passed its PCI-DSS certification audit, making it the only web-based video surveillance firm to meet new security guidelines aimed at reducing credit card fraud. Envysion Video helps retail, restaurant and hospitality customers improve their profitability and enhance their customer experience by providing remote access to in-store video that is tied to business applications, such as Point of Sale (POS) systems. Being compliant with the PCI-DSS standard provides added protection for Envysions customers against identity fraud by ensuring that all components of its MVaaS solution meet the industrys stringent security requirements. Many consumer-oriented companies are themselves rushing to become PCI certified to protect their customers sensitive information and to avoid the severe fines and limitations that would otherwise be placed on their businesses. PCI DSS was developed by credit card companies to help businesses that process card payments preven http://www.compliancehome.com/news/FFIEC/13167.html Mon, 21 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/FDA/13166.html Osmetech has announced that it has received 510(k) clearance from the US Food & Drug Administration ('FDA') for its eSensor Warfarin Sensitivity Test to be used as an aid in the identification of patients at risk for increased sensitivity to the widely used blood-thinning drug, warfarin. The Company also announces that the FDA clearance includes its second generation eSensor XT-8 molecular diagnostics platform. James White, Chief Executive, Osmetech plc, said: The FDA clearance is an important milestone for Osmetech. As we gear up the launch of our warfarin sensitivity test in the US this clearance provides further validation of our strategy of targeting the exciting opportunities in the rapidly developing molecular diagnostics market. http://www.compliancehome.com/news/FDA/13166.html Mon, 21 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/OSHA/13165.html Wyeth announced that its manufacturing and research facility in Pearl River, N.Y., has earned the highest recognition for workplace safety and health from the U.S. Department of Labor's Occupational Safety and Health Administration (OSHA): the Voluntary Protection Programs (VPP) star. Wyeth Pearl River is the 2,000th site in the U.S. to be accepted into the VPP, and Wyeth's eighth facility in the country to earn the VPP star. This achievement is the result of a two-and-a-half year effort to make workplace safety the responsibility of every employee on site, said Mike McDermott, Vice President, Site Operations, Wyeth Pearl River. Safety has always been a top priority in Pearl River, and when we applied for VPP, we set our sights on being the best in the industry. We worked aggressively to make improvements in our safety programs, communication, and training, and we are delighted to be recognized as a VPP 'star' worksite. http://www.compliancehome.com/news/OSHA/13165.html Mon, 21 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/GLBA/13163.html The IS Governance Institute and SourceMedia, publisher of the American Banker and Credit Union Journal, announce a series of seminars and research reports on operational risks and operational loss events on information security, ignored by information technology, that violate regulations required for maintaining federal deposit insurance for 16,000 federally insured financial firms. Operational loss events per Basel II include fiduciary breaches by boards of directors, external fraud, business disruption and process management. http://www.compliancehome.com/news/GLBA/13163.html Mon, 21 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13162.html Interoute, owner of Europe's most advanced voice and data network, announced that it has selected Configuresoft's Enterprise Configuration Manager (ECM) to support its internationally recognised ISO 27001 accredited security management system and ensure compliance with internal policy. Interoute operates a sophisticated portfolio of IT, Business Support Systems (BSS) and Network Management Systems (NMS) required to deliver and maintain next generation data solutions. Interoute selected ECM's server configuration management solution for its scalability, performance and ability to ensure the security and compliance critical to Interoute's customers. http://www.compliancehome.com/news/SOX/13162.html Mon, 21 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/FFIEC/13160.html FISolv announced two additions to the schedule for its Summer Education Series on Business Continuity Planning. The webinars will focus on how to develop a successful Business Continuity Plan and updated guidance from the FFIEC. FISolv is following up on the success of the webinars on Team Building and Board & Senior Management Responsibilities with upcoming webinars on Pandemics, the Business Impact Analysis, and Testing and Maintenance. http://www.compliancehome.com/news/FFIEC/13160.html Sun, 20 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13159.html Archer Technologies (Archer), a provider of enterprise governance, risk and compliance solutions, today announced the release of its Data Feed Manager, which provides a new way for companies to perform rapid integrations between industry-leading products and the Archer SmartSuite Framework. Designed for use by technical business analysts, the Data Feed Manager allows Archer clients and partners to use the Archer Framework as a point of consolidation, bringing together data from any source for correlation, analysis, process management and reporting. A vital component of any governance, risk and compliance program is the ability to form an aggregate view of risks, vulnerabilities, metrics and operational data within the enterprise, says Jon Darbyshire, president and CEO of Archer Technologies. With the Data Feed Manager, Archer is putting power in the hands of technical business users to rapidly integrate enterprise data systems with the Archer SmartSuite Framework. This is a new market http://www.compliancehome.com/news/SOX/13159.html Sun, 20 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/OSHA/13158.html Labor and Workforce Development Agency (LWDA) Secretary Victoria Bradshaw and Superintendent of Public Instruction Jack O'Connell today announced a partnership that will bring heat illness prevention information to California's migrant education community. Under the partnership, LWDA's Department of Industrial Relations' Division of Occupational Safety and Health, also known as Cal/OSHA, will work with migrant education teachers and administrators throughout the state to educate students and their families about heat stress and their rights. http://www.compliancehome.com/news/OSHA/13158.html Wed, 16 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13155.html MAPEI Americas, a manufacturer of tile and stone installation systems, floor covering installation systems and concrete restoration products, has signed a multi-year agreement with 1Vault Networks (www.1vault.net), a South Florida provider for hosted IT services, colocation and disaster recovery services. MAPEI Americas, a part of MAPEI Group worldwide, operates 14 plants from Canada to Argentina and is headquartered in Deerfield Beach, Florida. The Americas subsidiaries have chosen the 66,000-square-foot, Category 5 hurricane-rated 1Vault Networks location for disaster recovery, colocation backup and customized headquarters connectivity with ATT Metro E circuit and 100 MB wireless connections, internet access and five other cross connects. http://www.compliancehome.com/news/SOX/13155.html Wed, 16 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/FFIEC/13154.html Ounce Labs announced that the company's Advanced Research Team (ART) has documented two vulnerabilities that can affect Java web applications that utilize the Spring Framework. With more than five million downloads of Spring to date, the security vulnerabilities identified could affect countless enterprises that utilize this commonly used framework. The specific vulnerabilities are 'ModelView Injection' and 'Data Submission to Non-Editable Fields.' These vulnerabilities allow attackers to subvert the expected application logic and behavior, gaining control of the application itself, and access to any data, credentials or keys held in the application. Although the two vulnerabilities discovered and analyzed by Ounce are part of the Spring Framework, Ounce Labs ART experts believe that similar issues can be found in other popular Frameworks. The ART Team has worked closely with the security team from SpringSource, the company behind Spring, to confirm these security issues and develop re http://www.compliancehome.com/news/FFIEC/13154.html Wed, 16 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13153.html As world markets brace for the possible collapse of dozens of American banks during the next year, global financial leaders meeting at the World Council of Credit Unions (WOCCU) conference in Hong Kong discussed ways that, by better emulating transparent practices and accountability of credit unions to the members they serve, banks may be better able to head off collapse. Regional banks including Washington Mutual Inc. and National City Corp. are at risk of failure, the New York Times reported July 14, 2008. Paul Sarbanes, former U.S. senator and sponsor of the Sarbanes Oxley Act of 2002, told conference-goers that adopting greater transparency and accountability voluntarily, following the lead of credit unions, is better than increased regulation. He also encouraged regulators to use existing laws more effectively. http://www.compliancehome.com/news/SOX/13153.html Wed, 16 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/OSHA/13152.html The Shaw Group announced that the Fossil Division of its Power Group has received the Voluntary Protection Programs (VPP) STAR designation from the U.S. Department of Labors Occupational Health & Safety Administration (OSHA) for excellence in occupational safety and health at the Cleco Rodemacher 3 power plant project. Shaw is the engineering, procurement and construction contractor for Cleco Power LLCs new 600 MW electricity generating plant in Boyce, La. The project was named a VPP STAR site for its comprehensive, successful safety and health management system and its low injury and illness rates. The project team has achieved more than 4 million safe work hours since work began in May 2006. The Cleco Rodemacher 3 power plant project is Shaws 14th active VPP STAR site. http://www.compliancehome.com/news/OSHA/13152.html Wed, 16 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/FDA/13151.html NeuroHealing Pharmaceuticals, a company developing products for individuals with chronic brain injuries, announced that the Food and Drug Administration (FDA) has awarded the company a three-year grant of $1,044,000 to assist in the clinical development of NH001. NH001 is under clinical development to improve the functional outcome of patients in a vegetative state or minimally conscious state following a severe traumatic brain injury. The product has demonstrated promising results in an open label Phase IIa trial and has received authorization from the FDA to begin a double blind Phase II clinical trial, under an open IND. NH001 received Orphan Drug Status from the FDA in 2006. http://www.compliancehome.com/news/FDA/13151.html Wed, 16 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13150.html Oversight Systems, the leading provider of automated continuous transaction monitoring solutions, today announced that it has formed a Solution Alliance with national CFO services firm SolomonEdwardsGroup, LLC (SEG). http://www.compliancehome.com/news/SOX/13150.html Wed, 16 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/FDA/13148.html St. Jude Medical announced U.S. Food and Drug Administration (FDA) approval of the Merlin@home transmitter, an RF wireless technology that remotely monitors patients implanted cardiac devices. The transmitter supports the St. Jude Medical Current RF and Promote RF family of devices and works in conjunction with the St. Jude Medical data management system, Merlin.net Patient Care Network (PCN), to provide complete remote care service for patients and their physicians. Until recently, patients with implanted cardiac devices were typically required to visit doctors offices several times per year to have their device performance checked. With the advent of transmitters capable of downloading and transmitting device data over telephone lines, patients are now able to initiate and perform many of these follow-ups in their own homes. http://www.compliancehome.com/news/FDA/13148.html Wed, 16 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/GLBA/13146.html Clearswift has released a new version of its advanced content security tool, MIMEsweeper for SMTP, to strengthen organizations' Data Loss Prevention capabilities. MIMEsweeper for SMTP is a sophisticated e-mail security and management system designed to comprehensively address the complex security layers, policies, processes and procedures that larger distributed enterprises face. The solution provides the flexibility to tailor day-to-day management of e-mail infrastructures to specific organizational needs. It scans outbound e-mail messages to ensure that they match an organization's e-mail policy ensuring that any messages containing sensitive or inappropriate information blocked or routed according to the stated policy based upon enforcing multiple outcomes based upon sender, recipient or content. MIMEsweeper solutions have traditionally been used by companies wishing to control the content of outgoing e-mails. This new version sees the introduction of yet more features designed to h http://www.compliancehome.com/news/GLBA/13146.html Wed, 16 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/FFIEC/13145.html Network Frontiers, the leader in IT regulatory compliance management, announced the availability of the Q3 2008 Unified Compliance Framework (UCF), the first independent database to simplify IT compliance. The latest version of UCF highlights the addition of numerous new regulations and standards, including Fair and Accurate Credit Transactions Act (FACTA), Federal Financial Institutions Examination Council (FFIEC) and Fair Credit Reporting Act. UCF acts as the cornerstone of IT compliance, mapping hundreds of regulations, including PCI-DSS (Payment Card), Sarbanes-Oxley, HIPAA, CobiT, and NIST, into a master hierarchal framework. We are engaged with an accounting firm that owns several entities requiring them to be compliant with HIPAA, FFIEC, SOX and GLBA, said Christopher Hannan, owner of Optimal Technologies, LLC. In order to for us to provide their compliance auditing and consulting, we needed a cost effective and easy way to organize their compliance obligations. After evaluating http://www.compliancehome.com/news/FFIEC/13145.html Tue, 15 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/Basel-II/13143.html With the global implementation of the Basel II Framework (Basel II), Fitch Ratings has detailed in a new report its first-ever rating methodology for assessing the risk assumed by providers of deal-specific liquidity and credit enhancement facilities to asset-backed commercial paper (ABCP) conduits. Under Basel II, banks are required to hold capital against the support facilities they extend to ABCP programs. An important determinant in the calculation of the amount of capital is the credit quality, or rating, of the facility. In its report, Fitch outlines its key considerations when rating these facilities. Specifically, Fitch looks through to the underlying assets that are supported by the facility and applies the relevant asset criteria. In addition, Fitch considers the unique features of the support facility which may impact the rating, such as narrowly defined conditions to draw or available enhancement. http://www.compliancehome.com/news/Basel-II/13143.html Tue, 15 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13142.html Aladdin Knowledge Systems, an information security leader specializing in authentication, software DRM and content security, announced a partnership with IdenTrust, who possesses the only global bank-centric identity network, to provide identity authentication solutions for secure online banking and financial transactions. Aladdin and IdenTrust are collaborating to offer certificate-based two-factor authentication for unmatched security, enabling financial organizations in the United States, Europe and Asia to implement next-generation technology to improve the security of e-commerce, fight identity theft, increase customer trust and drive revenue. Aladdin and IdenTrust will develop joint initiatives to drive future innovation and expand the options available for secure online banking and other industries requiring globally interoperable certificate-based transactions. A premier provider of authentication solutions to global financial institutions and the United States government, Iden http://www.compliancehome.com/news/SOX/13142.html Tue, 15 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/GLBA/13141.html Compliance11, provider of regulatory compliance management solutions, announced that it has released Compliance11 Supervisory Suite 2.0. The second generation Software-as-a-Service application has an enhanced design including expanded functionality within each of the software's four modules -- personal trading, affirmations and disclosures, gifts and case management. Tad Mitchell, president and chief operating officer at Compliance11 said, As a SaaS provider we are able to constantly enhance the application with no impact or cost to our customer base. Our solutions are based on the feedback and direction of our clients resulting in a synergistic and effective compliance management product suite. http://www.compliancehome.com/news/GLBA/13141.html Tue, 15 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/FFIEC/13140.html Talisma Corporation, an nGenera company and the leading Customer Interaction Management (CIM) software solution provider, today announced the availability of a white paper that describes how the fully integrated solutions of Talisma Email, Talisma Secure Message Portal and Talisma Chat help businesses achieve compliance with PCI (Payment Card Industry) Security Standards. Talisma solutions accomplish this by providing secure communication layers for protecting sensitive data during transmission, storage and access. Industry experts have stated that billions of dollars each year are lost in credit card fraud. The Federal Trade Commission's Consumer Sentinel (Consumer Fraud and Identity Theft Complaint Data) from 2007 shows that the FTC alone received more than 800,000 consumer fraud and identity theft complaints. These reported losses alone accounted for more than $1.2 billion -- credit card fraud, at 23%, was the most common form of reported identity theft. http://www.compliancehome.com/news/FFIEC/13140.html Tue, 15 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13135.html Finsbury Solutions, supplier of spreadsheet management and compliance software to the financial services sector, announced that leading global alternative asset manager Kohlberg Kravis Roberts & Co (KKR) has implemented Finsbury Solutions' advanced Spreadsheet Workbench software system. Spreadsheet Workbench is based on the latest Microsoft technologies, including SQL Server 2005 and SharePoint 2007, and provides auditability and control over business critical spreadsheets. The system provides finance, risk and audit departments with enhanced transparency and control over the financial reporting process in accordance with the latest financial legislation, such as Sarbanes-Oxley. http://www.compliancehome.com/news/SOX/13135.html Tue, 15 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13134.html Identity Engines, provider of role-based access control solutions for heterogeneous networks, announced the Authenticated Network Architecture (ANA): the industry's first vendor-neutral best practices framework outlining how organizations can migrate from the static, IP-address based architectures of the past, to the newer identity-based controls enabled by recent standards including IEEE 802.1X. Regulatory compliance mandates such as HIPAA, SOX, PCI, GLBA, NERC/FERC, FERPA, HSPD-12 across multiple industries have driven IT organizations to search for secure, efficient, cost-effective methods of controlling access to their network infrastructure. The ANA framework fulfills that need by leveraging latent enforcement capabilities present in most enterprise network equipment, enabling transparent role-based access across all existing infrastructure (wired, wireless, remote access). http://www.compliancehome.com/news/SOX/13134.html Tue, 15 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/HIPAA/13132.html Symark International, developer of the PowerSeries information security solutions for managing privileged access, announced PowerKeeper 3.0, the latest version of the industrys most advanced privileged account access management appliance for the secure creation, control, storage and retrieval of privileged administrative account passwords. PowerKeeper 3.0 includes support for application-to-application (A2A) and application-to-database (A2DB) connectivity, and bolsters security by replacing embedded credentials with one-time-use passwords. The new version also utilizes the HP ProLiant DL360 G5 server, which, when combined with PowerKeeper 3.0, significantly improves system availability and facilitates greater scalability to handle more users, managed systems and managed accounts per appliance. http://www.compliancehome.com/news/HIPAA/13132.html Tue, 15 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/FDA/13131.html Energex Systems, announced that it has been granted approval from the Federal Food and Drug Administration (FDA) to utilize its experimental HemoModulation therapy in a clinical trial of HIV infected patients. The purpose of the study will be to demonstrate safety and monitor viral load changes in patients who are not yet eligible for antiviral drug therapy. HIV is a retrovirus that attacks the immune system, destroying or impairing its function. As the disease progresses, the immune system becomes weaker, and the person becomes more susceptible to opportunistic infections. The advanced stage of HIV infection is Acquired Immunodeficiency Syndrome (AIDS). Globally it is estimated that there are 33.2 million people living with HIV/AIDS. Currently the only approved treatments for HIV are drug based therapies that attempt to reduce viral burden (amount of virus in the blood stream) and the virus's ability to replicate. The cost and known side effects from these drug therapies are significa http://www.compliancehome.com/news/FDA/13131.html Tue, 15 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/FDA/13130.html Genta has announced that the Food and Drug Administration (FDA) has accepted the Company's amendment to its New Drug Application (NDA) for Genasense(R) (oblimersen sodium) Injection as a complete response. The NDA proposed the use of Genasense plus chemotherapy for patients with relapsed or refractory chronic lymphocytic leukemia (CLL). The recent submission was based on new information from the Company's completed, randomized Phase 3 trial that showed, among other findings, a significant increase in overall survival for patients who achieved a complete or partial response when treated with Genasense plus chemotherapy compared with patients treated with chemotherapy alone. http://www.compliancehome.com/news/FDA/13130.html Mon, 14 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/HIPAA/13129.html Imperva has announced that it has extended its Imperva ADC Insights product line with PeopleSoft Insights, which monitors and protects PeopleSoft applications and data. Imperva ADC Insight Services enable organizations to streamline the compliance process and meet regulatory requirements on their application infrastructure without in-depth knowledge of the applications or mandates. Staffmark, one of the nation's leading staffing and workforce solutions providers, has developed self-service web applications based on the PeopleSoft platform. The company selected SecureSphere to safeguard these applications and the sensitive personal information they process including data submitted by job applicants. http://www.compliancehome.com/news/HIPAA/13129.html Mon, 14 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/GLBA/13128.html McAfee announced enhancements to McAfee Total Protection (ToPS) for Endpoint, McAfees flagship endpoint security solution. This release provides new and updated compliance and security functions, including powerful policy auditing, flexible network access control, rogue system detection, enhanced Web security and improved anti-malware technology. The integration of management capabilities between endpoint security and compliance management enables customers to reduce costs, improve visibility and comply with industry & security policy across their entire infrastructure. According to Research VP Paul Proctor, Gartner, Inc. Companies today realize that they need more than just good security controls, and that they must also address compliance with internal security policies and industry regulations. A combination of good security functions and compliance management improves security operations efficiency and maturity. http://www.compliancehome.com/news/GLBA/13128.html Mon, 14 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/FISMA/13127.html netForensics, a visionary leader in the Information Security Management market, announced new functionality in its flagship Security Information Management (SIM) application that provides unprecedented guidance for managing and reporting on critical IT security issues, as well as compliance with regulatory requirements and standards. The integration of the new security audit framework into its nFX SIM One product enables netForensics to deliver the market's most comprehensive solution for managing and reporting on IT security and third-party compliance requirements. Modules that address specific regulations, such as PCI, Sarbanes-Oxley, HIPAA and FISMA, easily plug into the framework for quick deployment and rapid time to value. The first module delivered as part of the release of the new security audit framework helps retail organizations manage themselves against the Payment Card Industry (PCI) Data Security Standard. http://www.compliancehome.com/news/FISMA/13127.html Mon, 14 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/FFIEC/13126.html Many smaller business owners may not realize that the Best Practice 6.6 of the PCI Data Security Standard (DSS) became a requirement on June 30th. The regulation requires merchants dealing with debit and credit cards to tighten their security by both conducting application code reviews and installing Web application firewalls. PaySimple has been certified PCI DDS compliant and assures that its system meets all the requirements demanded of a PCI Compliant third-party payment processing system. http://www.compliancehome.com/news/FFIEC/13126.html Mon, 14 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13125.html Oversight Systems, the leading provider of automated continuous monitoring solutions, today announced that it will be presenting its industry-leading continuous transaction monitoring software at the 19th Annual ACFE Fraud Conference and Exhibition to be held in Boston, July 13-18, 2008. More than 2,000 anti-fraud professionals from around the world are expected to gather at the conference to share knowledge, exchange ideas and learn effective strategies and best practices in the global fight against fraud. http://www.compliancehome.com/news/SOX/13125.html Mon, 14 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13123.html Shavlik Technologies, the market leader in delivering software solutions that rapidly accelerate and continuously improve security and compliance readiness, has announced that the Shavlik Security Suite has earned Security Content Automation Protocol (SCAP) validation, a U.S. government-mandated initiative for standards based security automation. http://www.compliancehome.com/news/SOX/13123.html Sun, 13 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/FFIEC/13124.html Centris Information Services, provider of call center services, advanced automated call handling applications, on-demand interpreter services and broadcast messaging, has announced it has received its Payment Card Industry (PCI) Compliance certificate. Receiving this certificate ensures our customers, merchants and cardholders our data is protected according to the industry's highest standards, says Dale Augustyn, Director of Information Technology for Centris. In 2004, the Payment Card Industry Data Security Standard was created in a joint effort by major credit card companies; American Express, Visa, MasterCard and Discover, with each one of the credit card companies having its separate standard detail. June 30, 2005, the PCI DSS regulations were standardized and implemented. http://www.compliancehome.com/news/FFIEC/13124.html Fri, 11 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/OSHA/13122.html The U.S. Department of Labors Occupational Safety and Health Administration (OSHA) announced in the June 30 Federal Register that it will hold two informal public hearings on the proposed rule for General Working Conditions in Shipyard Employment. The first hearing is scheduled for 9:30 a.m. on Sept. 9, 2008, at the Department of Labors Frances Perkins Building in Washington, D.C. The second hearing will convene in Seattle, Wash., on Oct. 21, 2008, at 9:30 a.m. The address for the Seattle, Wash., location will be provided in a later Federal Register notice. These hearings will provide a forum for interested stakeholders to discuss the proposed rule and ways to improve existing standards on working conditions for employees in shipyard employment, said Assistant Secretary of Labor for OSHA Edwin G. Foulke, Jr. We welcome all input as we continue our efforts to reduce and prevent safety and health hazards in this industry. http://www.compliancehome.com/news/OSHA/13122.html Fri, 11 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/FDA/13121.html The U.S. Food and Drug Administration today announced that it is revising the way it communicates to drug companies when a marketing application cannot be approved as submitted. Under new regulations that govern the drug approval process, FDA's Center for Drug Evaluation and Research (CDER) will no longer issue approvable or not approvable letters when a drug application is not approved. Instead, CDER will issue a complete response letter at the end of the review period to let a drug company know of the agency's decision on the application. These new regulations will help the FDA adopt a more consistent and neutral way of conveying information to a company when we cannot approve a drug application in its present form, said Janet Woodcock, M.D., director of the agency's Center for Drug Evaluation and Research (CDER). Thorough and timely review of drug applications is a priority of the FDA, and these new processes will make our communications with sponsors of applications more consistent http://www.compliancehome.com/news/FDA/13121.html Fri, 11 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13119.html Resolver, provider of governance, risk and compliance (GRC) management, announced today the release of Resolver Risk 4.2. The release of Resolver*Risk 4.2 demonstrates Resolver's ongoing commitment to product enhancement. Resolver*Risk 4.2 contains a number of unique innovations that further differentiate the solution. While several competitors have announced discontinued support for their first generation compliance products, Resolver is proud to have a perfect track-record of supporting their software. Clients play a big role in the development life-cycle through their suggestions to the Resolver team. http://www.compliancehome.com/news/SOX/13119.html Fri, 11 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13118.html The Accounts Payable Network today announced the debut of Master File Solutions Suite to help accounts payable professionals cleanse, standardize and enrich vendor master file data. Master File Solution Suite is offered by The Accounts Payable Network (TAPN) and powered by Equifax Commercial Information Solutions. The new offering leverages Equifax's data management services -- an integral part of its Commercial Information Solutions business -- to help accounts payable, finance, accounting and purchasing professionals manage vendor master file activities. As part of the launch, TAPN and Equifax are offering a free vendor master file assessment to qualified organizations. http://www.compliancehome.com/news/SOX/13118.html Fri, 11 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/SOX/13117.html Softrax Corporation, provider of enterprise revenue management and billing solutions announced that it will present a live webcast to provide an update on the COSO Guidance Initiative, a project underway to help corporations better understand and utilize the Internal Control-Integrated Framework. Companies that can implement it effectively ultimately realize a broad range of benefits through improved financial, operational and compliance-related controls. The event will be held on Thursday, July 24th at 1PM Eastern time and will be presented by Trent Gazzaway, Managing Partner, Corporate Governance, Grant Thornton LLP. Trent, who is one of the nations leading authorities on monitoring and internal controls guidance, was selected by COSO to lead this project. The webcast host will be Robert OConnor, President and CEO of Softrax Corporation. http://www.compliancehome.com/news/SOX/13117.html Thu, 10 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/HIPAA/13114.html Research and Markets has announced the addition of the The Portable Ethicist for Mental Health Professionals: A Complete Guide to Responsible Practice, with HIPAA Update, 2nd Edition report to their offering. Everything professionals need to know to protect their practice against ethical violations and complaints is covered in this second edition of The Portable Ethicist for Mental Health Professionals. Written by two attorneys specializing in legal and ethical issues in mental health, this indispensable guide arms clinicians with the expert knowledge needed to avoid an ethical violation, or to handle the situation if a complaint is filed. Organized alphabetically for easy reference. http://www.compliancehome.com/news/HIPAA/13114.html Thu, 10 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/FISMA/13113.html A new publication released by the National Institute of Standards and Technology (NIST) on June 30 can help information system managers negotiate the often complex process of assessing security controls in their information systems. Although designed specifically to meet the needs of federal IT managers who must satisfy government requirements called for in the 2002 Federal Information Security Management Act (FISMA), the new guide can be useful to IT professionals across the industry. The document, Special Publication 800-53A, Guide for Assessing the Security Controls in Federal Information Systems, is designed to assist managers in assessing the effectiveness of the security controls called for in NIST Special Publication 800-53, Recommended Security Controls for Federal Information Systems. SP 800-53 is one of the core documents supporting the Risk Management Framework that was developed for federal agencies by NIST as part of its FISMA responsibilities. SP 800-53 specifies a flexib http://www.compliancehome.com/news/FISMA/13113.html Thu, 10 Jul 2008 00:00:00 CST http://www.compliancehome.com/news/Basel-II/13112.html INCA (Brazilian National Cancer Institute) creates Hospital Accreditation software based on Risk Management in order to authorize units to offer support within the international health standards. http://www.compliancehome.com/news/Basel-II/13112.html