http://www.compliancehome.com/ ComplianceHome is one of the Web's largest library of resources for compliance management of HIPAA, SOX, FISMA, GLBA, FDA, FFIEC, Basel II, OSHA and ISO 27002/17799. Visit our directories which are the best source on White papers, related news articles, resources on the web, training, webinars, conferences, rules & regulation overview, ask the expert, job and search on vendors, solutions & products. http://www.compliancehome.com/images/rsslogo.gif http://www.compliancehome.com/ en-us Thu, 18 Mar 2010 00:00:00 CST http://www.compliancehome.com/resources/HIPAA/Articles/abstract18803.html Small employers are inching towards a minor breakthrough for providing health insurance to employees. A new product by Zane Benefits Inc. has launched today that would allow small businesses to offer health insurance at zero net cost.Zane Benefits Inc. is a web-based health insurance purveyor targeted primarily at employers of small businesses. The company has developed software called ZaneHRA (Health Reimbursement Arrangement) that administers health insurance and benefits to employees. The system works thusly: employees are able to find individual health insurance plans, when in use employees submit claims online to their ZaneHRA account, and are reimbursed. http://www.compliancehome.com/resources/HIPAA/Articles/abstract18803.html Thu, 18 Mar 2010 00:00:00 CST http://www.compliancehome.com/resources/HIPAA/Articles/abstract18802.html Healthcare professionals are improving patient care with the click of a mouse. Trident Medical System is the first in the state to use a life-saving computer program OACIS, in its emergency rooms. The healthcare provider logs in, gets connected, and then they know all about your health. http://www.compliancehome.com/resources/HIPAA/Articles/abstract18802.html Thu, 18 Mar 2010 00:00:00 CST http://www.compliancehome.com/resources/HIPAA/Articles/abstract18801.html Various vital amendments to the Health Insurance Portability and Accountability Act were included in the American Recovery and Reinvestment Act of 2009 (ARRA) and took effect in February 2010. The new requirements are provisions of Title XIII of ARRA, the Health Information Technology for Economic and Clinical Health (HITECH) Act, and relate to security standards, disclosure of personal health information, and notification of information breaches. http://www.compliancehome.com/resources/HIPAA/Articles/abstract18801.html Thu, 18 Mar 2010 00:00:00 CST http://www.compliancehome.com/resources/PCI/Articles/abstract18800.html Hotels are now the main target of the hackers stealing credit-card data than any other industry, according to data-security companies. In a recent report, SpiderLabs, a unit of data-security firm Trustwave, said 38% of its data-breach investigations in 2009 occurred at hotels. Financial services accounted for 19% of the company's data-breach investigations. Once an attack occurred, it took an average of 156 days for the business to realize it, according to the report. The problem has continued into 2010, says Nicholas Percoco, senior vice president of Trustwave and head of SpiderLabs. http://www.compliancehome.com/resources/PCI/Articles/abstract18800.html Thu, 18 Mar 2010 00:00:00 CST http://www.compliancehome.com/resources/OSHA/Articles/abstract18799.html BP North American Inc. and BP-Husky Refining LLCs refinery in Oregon, Ohio, has been cited by OSHA with 42 alleged willful violations. The enforcement action included 39 per-instance violations and 20 alleged serious violations for exposing workers to hazards. Among these was failure to provide adequate pressure relief for process units. Proposed penalties total $3,042,000. http://www.compliancehome.com/resources/OSHA/Articles/abstract18799.html Thu, 18 Mar 2010 00:00:00 CST http://www.compliancehome.com/resources/FISMA/Articles/abstract18798.html Although there is enormous improvement in cybersecurity, the Veterans Affairs Department still has significant obstacles to overcome to meet federal cybersecurity standards, according to a new report released by the VAs Office of Inspector General. According to a summary of the report, the VA continues to face significant challenges in complying with the requirements of FISMA due to the nature and maturity of its information security program. In order to better achieve the FISMA objectives, the department needs to focus on several key areas. http://www.compliancehome.com/resources/FISMA/Articles/abstract18798.html Thu, 18 Mar 2010 00:00:00 CST http://www.compliancehome.com/resources/HIPAA/Articles/abstract18797.html Elmora Healthcare in the US has adopted an electronic document workflow system from Authentidate to make its home medical equipment ordering process more efficient. Elmora Healthcare is a supplier of home medical equipment, medical supplies and care services, and has chosen Authentidate's Inscrybe Healthcare web-based service to improve the processing of patient care orders with referring physicians. http://www.compliancehome.com/resources/HIPAA/Articles/abstract18797.html Wed, 17 Mar 2010 00:00:00 CST http://www.compliancehome.com/resources/ISO-27002-(17799)/Articles/abstract18796.html ISO and IEC have added to their toolbox of information security standards, with guidance for the successful design and implementation of ISO/IEC 27001:2005.ISO/IEC 27003:2010, Information technology Security techniques Information security management system implementation guidance, gives advice that will be useful for all types of security-conscious organizations, regardless of their size, complexity and risks. http://www.compliancehome.com/resources/ISO-27002-(17799)/Articles/abstract18796.html Wed, 17 Mar 2010 00:00:00 CST http://www.compliancehome.com/resources/ISO-27002-(17799)/Articles/abstract18795.html The initiative taken by the McAfee Cloud Secure is targeted at software-as-a-service (SaaS) and cloud providers, combining third-party certification with the vendor's automated security auditing, remediation and reporting services. Michael Sentonas, McAfee's Asia-Pacific CTO, said in a pre-launch Singapore briefing that the annual certification will be based on two existing industry standards--ISO 27001/27002 for information security management and Statement on Auditing Standards No. 70 (SAS70). McAfee has so far tied up with auditor KPMG and IT services company CSC to perform the certification exercises, he noted. http://www.compliancehome.com/resources/ISO-27002-(17799)/Articles/abstract18795.html Wed, 17 Mar 2010 00:00:00 CST http://www.compliancehome.com/resources/PCI/Articles/abstract18794.html PCI DSS is blamed by many payment processing industry players for leading organisations to prioritize compliance instead of security. However, the PCI DSS is not to blame, as there is no such thing as complete security, said a recent article. According to PCI Guru, organisations should not expect full protection from payment processing security threats under the PCI DSS - or under anything else, for that matter, as even the most thorough security measures do not eliminate risk. http://www.compliancehome.com/resources/PCI/Articles/abstract18794.html Wed, 17 Mar 2010 00:00:00 CST http://www.compliancehome.com/resources/PCI/Articles/abstract18793.html Few payment security professionals can find a hotter PCI DSS topic than compensating controls. They always look like this mythical accelerator to compliance used to push PCI Compliance initiatives through completion at a minimal cost to your company with little or no effort. Compensating controls are challenging. They often require a risk-based approach that can vary greatly from one Qualified Security Assessor (QSA) to another. There is no guarantee a compensating control that works today will work one year from now, and the evolution of the standard itself could render a previous control invalid. http://www.compliancehome.com/resources/PCI/Articles/abstract18793.html Mon, 15 Mar 2010 00:00:00 CST http://www.compliancehome.com/resources/PCI/Webinars/abstract18792.html Tune in to this Tokenization webcast where well discuss the business drivers behind tokenization, exactly what tokenization is, some best practices for a successful implementation, and lastly, a customer example of tokenization used to reduce the PCI DSS audit scope. http://www.compliancehome.com/resources/PCI/Webinars/abstract18792.html Mon, 15 Mar 2010 00:00:00 CST http://www.compliancehome.com/resources/HIPAA/Webinars/abstract18791.html The security and privacy rules of HIPAA (Health Insurance Portability and Accountability Act) took effect in 2003, but the healthcare industry did not take any of it seriously, as there was a lack of any real enforcement. There's been a lot of talk but no action. However, the passing of the Health Information Technology for Economic and Clinical Health (HITECH) Act earlier this year will change all of that. The HITECH Act not only strengthens HIPAA requirements but also adds additional incentives for companies to switch over to electronic records while ensuring security. While all this compliance may seem like a lot of work, much of it is common sense. Foresters principal analyst Khalid Kark will walk through how healthcare organizations can address the vast majority of the requirements and ensure security and regulatory compliance by implementing the five cardinal rules of information security. Watch Forrester and your healthcare colleagues in a useful and actionable discussion about http://www.compliancehome.com/resources/HIPAA/Webinars/abstract18791.html Mon, 15 Mar 2010 00:00:00 CST http://www.compliancehome.com/resources/HIPAA/Articles/abstract18790.html The quick evolution and maturity of cloud storage providers creates a new opportunity for managed service providers to offer cloud backup services. Backup to the cloud can provide a compelling cost advantage for SMB and SME customers and it opens up a new model for VARs and MSPs to profit with cloud-based backup services. http://www.compliancehome.com/resources/HIPAA/Articles/abstract18790.html Mon, 15 Mar 2010 00:00:00 CST http://www.compliancehome.com/resources/OSHA/Articles/abstract18789.html A Strong wood pellet facility that sustained an explosion at its mill in August now faces $27,000 in fines from the U.S. Department of Labor's Occupational Safety and Health Administration. Geneva Wood Fuels LLC faces six citations related to workplace safety standards following the explosion at the wood pellet manufacturing facility, according to the Sun Journal. The citations, announced yesterday, include deficiencies in construction and design of the pellet processing system, the use of unapproved equipment that could produce sparks, and a failure to train employees to prevent the ignition of wood dust. OSHA officials said the plant's combustible dust triggered the explosion, which caused $8 million in damages at the Franklin County mill. http://www.compliancehome.com/resources/OSHA/Articles/abstract18789.html Mon, 15 Mar 2010 00:00:00 CST http://www.compliancehome.com/resources/SOX/Webinars/abstract18788.html In today's environment, IMS backup and recovery has taken on a whole new meaning because it involves more than an image copy and forward recovery. IMS backup and recovery must embrace Performance, Protection and Prevention to reduce resource utilization, meet SOX compliance, and if possible Prevent the need for recovery if at all possible. In the case where recovery is the only response, assist with the recovery action to insure its successful completion. http://www.compliancehome.com/resources/SOX/Webinars/abstract18788.html Mon, 15 Mar 2010 00:00:00 CST http://www.compliancehome.com/resources/PCI/Webinars/abstract18787.html QualysGuard PCI 3.0 Web Application Scanning module is an automated tool for evaluating Web applications before and after deployment. This 10 minute demonstration is available on demand and includes a brief Abstract of the product along with a detailed walkthrough of the new features. http://www.compliancehome.com/resources/PCI/Webinars/abstract18787.html Mon, 15 Mar 2010 00:00:00 CST http://www.compliancehome.com/resources/PCI/Webinars/abstract18786.html Speaker: Terry Ramos, Director Strategic Development, Qualys The Payment Card Industry Security Data Standard, or PCI, protects cardholders and businesses by establishing standard practices for processing, storing and transmitting credit card data but thefts still occur at an unprecedented rate. This webcast will explore: * Compliance Requirements of the PCI Data Security Standard * Participation and Validation Requirements * Selecting a PCI Network Security Testing Service * Automating the PCI Validation Process with QualysGuard PCI http://www.compliancehome.com/resources/PCI/Webinars/abstract18786.html Mon, 15 Mar 2010 00:00:00 CST http://www.compliancehome.com/resources/OSHA/Articles/abstract18785.html The U.S. Department of Labors Occupational Safety and Health Administration surveys employers to collect workplace injury and illness data it uses to identify employers whose injury and illness rates are considerably higher than the national average. A letter has been sent to about 15,000 workplaces with the highest numbers of injuries and illnesses resulting in days away from work, restricted work activities or job transfers, known as the DART rate. http://www.compliancehome.com/resources/OSHA/Articles/abstract18785.html Mon, 15 Mar 2010 00:00:00 CST http://www.compliancehome.com/resources/PCI/Articles/abstract18784.html Companies that follow best practices in data security have a risk assessment program. As outlined by the United States General Accounting Office (GAO), risk assessments http://www.compliancehome.com/resources/PCI/Articles/abstract18784.html Mon, 15 Mar 2010 00:00:00 CST http://www.compliancehome.com/resources/FISMA/Articles/abstract18783.html The key topic covered by Federal News Radio and many agencies are continuously working toward FISMA compliance is the Cybersecurity. ISC(2) works to help agencies do this -- and they just put out their 2010 Career Impact Survey. It examines hiring practices, salaries and cyberthreat definitions. Hord Tipton is executive director at ISC(2) and says about 60 percent of federal managers are saying they expect to hire more information security people this year, among other things. http://www.compliancehome.com/resources/FISMA/Articles/abstract18783.html Mon, 15 Mar 2010 00:00:00 CST http://www.compliancehome.com/resources/SOX/Articles/abstract18782.html Many businesses are struggling to meet compliance requirements, and for most, the biggest challenge is e-mail. E-mail compliance is a complex endeavor, since administrators need to save e-mail conversations, archive them, build indexes and have a means to retrieve those conversations. Whats more, the stored conversations must be protected from tampering and deletion. http://www.compliancehome.com/resources/SOX/Articles/abstract18782.html Mon, 15 Mar 2010 00:00:00 CST http://www.compliancehome.com/resources/HIPAA/Articles/abstract18781.html The American Medical Association has launched an online resource to help physicians make sense of the privacy and security rules that were created under the 2009 stimulus package. The new rules, portions of which went into effect in September 2009, not only added teeth to Health Insurance Portability and Accountability Act regulations but also added procedures that all physician offices must have in place to comply. http://www.compliancehome.com/resources/HIPAA/Articles/abstract18781.html Tue, 09 Mar 2010 00:00:00 CST http://www.compliancehome.com/resources/PCI/Webinars/abstract18780.html Securing cardholder data is not just about passing annual PCI DSS audits. It can mean a big difference in the cost of audits and the amount of effort needed for ongoing compliance. Research conducted by PriceWaterhouseCoopers found encryption and tokenization to be among the most promising technologies to reduce the scope of PCI DSS audits saving time and money. However, depending on your key management architecture and implementation, you could be spending too much time maintaining compliance or, even worse, not meeting the PCI DSS requirements for scope reduction. Covered by PCI DSS requirements 3.4 to 3.6, key management is a critical element in a cardholder data protection strategy. http://www.compliancehome.com/resources/PCI/Webinars/abstract18780.html Tue, 09 Mar 2010 00:00:00 CST http://www.compliancehome.com/resources/HIPAA/Articles/abstract18779.html Its been announced by NCR Corp. that Healthy Advice Networks, a provider of physician office-based health education programs, is using NCR Netkey to power its PracticeWire service. PracticeWire delivers real-time health content to physicians throughout the United States, via wall-mounted digital screens through wireless broadband, according to the company. http://www.compliancehome.com/resources/HIPAA/Articles/abstract18779.html Tue, 09 Mar 2010 00:00:00 CST http://www.compliancehome.com/resources/HIPAA/Articles/abstract18778.html Remember the regulatory rash that broke out several years ago, when every software vendor had just the balm for your HIPAA, Sarbanes-Oxley, PCI, and other compliance problems? At Healthcare Information and Management Systems Society (HIMSS) conference in Atlanta, the new compliance is http://www.compliancehome.com/resources/HIPAA/Articles/abstract18778.html Tue, 09 Mar 2010 00:00:00 CST http://www.compliancehome.com/resources/HIPAA/Articles/abstract18777.html Health information exchange (HIE) in particular the electronic sharing of laboratory results are a matter of concern. In lieu of the same, The National Academy for State Health Policy, U.S., has launched State and national initiatives using HIE which are gaining momentum in the wake of the American Recovery and Reinvestment Act of 2009 (ARRA) that provides over $40 billion to promote health information technology, including electronic health records (EHRs) and HIE. http://www.compliancehome.com/resources/HIPAA/Articles/abstract18777.html Tue, 09 Mar 2010 00:00:00 CST http://www.compliancehome.com/resources/PCI/Articles/abstract18776.html The PCI DSS continues its march from the largest to the smallest merchants, affecting the way thousands of organizations approach security. PCI DSS applies to all organizations that handle credit-card transactions or that store or process payment-card data. http://www.compliancehome.com/resources/PCI/Articles/abstract18776.html Tue, 09 Mar 2010 00:00:00 CST http://www.compliancehome.com/resources/OSHA/Articles/abstract18775.html e-Smart Technologies Inc. has been ordered by OSHA to pay back wages with interest and approximately $600,000 in compensatory damages to a California worker who was discharged after raising concerns about misinformation contained in a draft public filing. The agency also ordered the company to reinstate the whistleblower to his former position. e-Smart makes biometric smart cards and other products designed for security and homeland defense. The Labor Department does not release the names of employees involved in whistleblower complaints. http://www.compliancehome.com/resources/OSHA/Articles/abstract18775.html Tue, 02 Mar 2010 00:00:00 CST http://www.compliancehome.com/resources/PCI/Webinars/abstract18774.html ABSTRACT: Securing cardholder data is not just about passing annual PCI DSS audits. It can mean a big difference in the cost of audits and the amount of effort needed for ongoing compliance. Research conducted by PriceWaterhouseCoopers found encryption and tokenization to be among the most promising technologies to reduce the scope of PCI DSS audits saving time and money. However, depending on your key management architecture and implementation, you could be spending too much time maintaining compliance or, even worse, not meeting the PCI DSS requirements for scope reduction. Covered by PCI DSS requirements 3.4 to 3.6, key management is a critical element in a cardholder data protection strategy. http://www.compliancehome.com/resources/PCI/Webinars/abstract18774.html Tue, 02 Mar 2010 00:00:00 CST http://www.compliancehome.com/resources/HIPAA/Articles/abstract18773.html The new rules on HIPAA breach notification and the related, tougher penalties for privacy and security violations, mean healthcare organizations and business associates alike need to be more vigilant about data security. A common source of data breaches, and an area where hospitals need to tighten up security, some experts say, is remote access to networks http://www.compliancehome.com/resources/HIPAA/Articles/abstract18773.html Tue, 02 Mar 2010 00:00:00 CST http://www.compliancehome.com/resources/SOX/Articles/abstract18772.html IEEE, a professional association for the advancement of technology, and the Cloud Security Alliance (CSA), a not-for-profit organization formed to promote the use of best practices for providing security assurance within cloud computing, have announced results of a survey of IT professionals that reveals overwhelming agreement on the importance and urgency of cloud computing security standards. http://www.compliancehome.com/resources/SOX/Articles/abstract18772.html Fri, 26 Feb 2010 00:00:00 CST http://www.compliancehome.com/resources/FDA/Articles/abstract18771.html The Food and Drug Administration gives its consent to a new pneumococcal vaccine that protects against more strains of bacteria than the existing one and is expected to produce a sharp reduction in the number of cases of bacterial pneumonia and ear infections in children and adolescents. http://www.compliancehome.com/resources/FDA/Articles/abstract18771.html Fri, 26 Feb 2010 00:00:00 CST http://www.compliancehome.com/resources/OSHA/Articles/abstract18770.html A Meridian-based company has been fined by the U.S. Department of Labor for violating federal rules on safe working conditions at a Montana work site.Cascade Pipeline Corp. must pay $32,000 for an unsafe trench in Miles City, Mont. The Occupational Safety and Health Administration said the trench lacked required protective systems and that ladders and excavated dirt were too close to the trench http://www.compliancehome.com/resources/OSHA/Articles/abstract18770.html Fri, 26 Feb 2010 00:00:00 CST http://www.compliancehome.com/resources/OSHA/Articles/abstract18769.html The federal Occupational Safety and Health Administration has cited Worldcolor Buffalo for repeated violations at the printing giants plant in Depew. The company, formerly Quebecor, is said to have committed 27 health and safety violations. Two dozen of the infractions have been labeled as serious by OSHA, resulting in $61,350 in fines. Three less-then-serious violations tacked on another $1,000 in penalties. http://www.compliancehome.com/resources/OSHA/Articles/abstract18769.html Fri, 26 Feb 2010 00:00:00 CST http://www.compliancehome.com/resources/HIPAA/Articles/abstract18767.html The bold new frontier for information technology is Health care. Regulators, providers, and insurance companies all seem ready to embrace electronic health records (EHRs) as a way to share personal health information among multiple organizations including doctors offices, hospitals, pharmacies, home health care providers, outpatient services and consumers. However, there are big risks to information technology companies who take on health care projects without ensuring they are in compliance with state and federal regulations around patient privacy and information security. http://www.compliancehome.com/resources/HIPAA/Articles/abstract18767.html Wed, 24 Feb 2010 00:00:00 CST http://www.compliancehome.com/resources/HIPAA/Webinars/abstract18765.html Nemertes Research is a research advisory firm that specializes in the business impact of emerging technologies. They have been tracking the trends in virtualization since about 2005, and have been looking at the phenomenon emerge with enormous speed. Watch this webinar, with Nemertes Research and Altor Network, and learn about the trends of moving to virtualization, dynamics of the cloud, security challenges virtualization gives us, issues of compliance, and why existing solutions dont really fulfill the needs of the enterprise. http://www.compliancehome.com/resources/HIPAA/Webinars/abstract18765.html Wed, 24 Feb 2010 00:00:00 CST http://www.compliancehome.com/resources/PCI/Articles/abstract18763.html Many legacy systems are simply not aligned with current business needs. Many offer limited value in today's dynamic business and regulatory environment. Next-generation access solutions evolved from the need to manage a smaller group of high-performing or trusted users such as database administrators, users accessing credit card data, external auditors working remotely, and outsourced or other business partners.Many legacy systems are simply not aligned with current business needs. Many offer limited value in today's dynamic business and regulatory environment. Next-generation access solutions evolved from the need to manage a smaller group of high-performing or trusted users such as database administrators, users accessing credit card data, external auditors working remotely, and outsourced or other business partners. http://www.compliancehome.com/resources/PCI/Articles/abstract18763.html Wed, 24 Feb 2010 00:00:00 CST http://www.compliancehome.com/resources/PCI/Articles/abstract18762.html With the requirements of payment processing security changing constantly, it can be difficult for merchants to keep up. Yet the consequences for not keeping up can be catastrophic - payment processing breaches can be tremendously expensive http://www.compliancehome.com/resources/PCI/Articles/abstract18762.html Wed, 24 Feb 2010 00:00:00 CST http://www.compliancehome.com/resources/OSHA/Articles/abstract18760.html Federal investigators have cited a Pennsylvania construction company after a worker fell 225 feet to his death. The Department of Labor's Occupational Safety and Health Administration says Mariani & Richards Inc. failed to protect workers from falls on a construction site in downtown Pittsburgh. As a result of the OSHA investigation in August 2009, the company has been cited with one willful violation and a proposed $70,000 fine. OSHA says Mariani & Richards was cited for the same violation in November 2007 but didn't take steps to remedy the situation. The company has 15 days to comply, request a conference with OSHA officials, or contest the ruling and fine. http://www.compliancehome.com/resources/OSHA/Articles/abstract18760.html Wed, 24 Feb 2010 00:00:00 CST http://www.compliancehome.com/resources/PCI/Articles/abstract18759.html More than a year after 100 million credit card numbers were stolen from Heartland Payment Systems, two industry experts disagreed over who was at fault. This information is currently protected by the Payment Card Industry Security Standards Council, which sets 12 specific goals to build and maintain secure networks. Compliance with PCI standards is mandatory for all companies storing or processing payment card identification. Heartland executives originally said they were compliant, but later disclosed that assessors incorrectly informed the company. In a report by NetworkWorld, Lieberman Software CEO Phil Lieberman said improved payment technology could be used to prevent future security breaches, which can be devastating to consumers' credit scores. This smart card technology would remove liability from merchants and processors, while minimizing card cloning. http://www.compliancehome.com/resources/PCI/Articles/abstract18759.html Wed, 24 Feb 2010 00:00:00 CST http://www.compliancehome.com/resources/FDA/Articles/abstract18758.html U.S. Food and Drug Administrations (FDA) has granted its approval for Norvir, a new tablet formulation of its anti-retroviral medication. The tablets that do not require refrigeration and can be stored at room temperature; come in the form of soft-gelatin capsules, which contain 100 mg of ritonavir. As well, they can also be used in combination with other anti-retroviral HIV medications. http://www.compliancehome.com/resources/FDA/Articles/abstract18758.html Wed, 24 Feb 2010 00:00:00 CST http://www.compliancehome.com/resources/FDA/Articles/abstract18757.html U.S. Food and Drug Administration (FDA) has approved the hypertension treatment Benicar(R) (olmesartan medoxomil) for use in children and adolescents 6 to 16 years of age, announced by Daiichi Sankyo, Inc. Benicar was originally approved in 2002 for the treatment of hypertension in adults. Approximately 5 percent - or 3.6 million - American children suffer from high blood pressure, with the majority unaware they have the condition.(4)(5) Studies have also found that the average blood pressure of American children is on the rise, in parallel with the increase of children's weight.(6) In fact, an analysis of nearly 40 years of national surveys of high blood pressure trends in children and adolescents showed that the prevalence of elevated blood pressure among this group has been growing since the late 1980's.(7) http://www.compliancehome.com/resources/FDA/Articles/abstract18757.html Sun, 14 Feb 2010 00:00:00 CST http://www.compliancehome.com/resources/FDA/Articles/abstract18755.html The federal Food and Drug Administration said that it would take steps to more stringently regulate three of the most potent forms of medical radiation, including increasingly popular CT scans, some of which deliver the radiation equivalent of 400 chest X-rays. http://www.compliancehome.com/resources/FDA/Articles/abstract18755.html Sun, 14 Feb 2010 00:00:00 CST http://www.compliancehome.com/resources/PCI/Articles/abstract18754.html From stolen devices and phishing attacks to buggy apps and human blunders, 2009 was another banner year for data breaches. According to the Privacy Rights Clearinghouse, over 345 million records containing sensitive data have been involved in incidents within the United States since January 2005. But last year, one single breach compromised 130 million records. In an effort to do better this year, let's recount some of the worst data breaches reported in 2009. http://www.compliancehome.com/resources/PCI/Articles/abstract18754.html Sun, 14 Feb 2010 00:00:00 CST http://www.compliancehome.com/resources/PCI/Articles/abstract18753.html One of North America's largest quick-service restaurant chains, Tim Hortons, reportedly has selected and deployed solutions from Juniper Networks security network infrastructure portfolio. Due to this deployment, Tim Hortons would now be able to connect more than 3,000 stores across Canada and the United States with the ability to support Payment Card Industry (PCI (News - Alert)) compliance, provide business continuity and transfer high volumes of information through a fast and secure environment for its business operations and retail transactions. http://www.compliancehome.com/resources/PCI/Articles/abstract18753.html Sun, 14 Feb 2010 00:00:00 CST http://www.compliancehome.com/resources/HIPAA/Articles/abstract18752.html Cloud computing is one of the most promising technologies for any enterprise today. Especially in this economy, cloud services can provide speed, efficiencies, and cost savings. These benefits are enabling the technology to pick up in India. However with data privacy and other concerns, it can open up a potential Pandoras Box of security threats. Hence, one of the biggest business requirements enterprises evaluate while looking at cloud-based solutions is security. http://www.compliancehome.com/resources/HIPAA/Articles/abstract18752.html Sun, 14 Feb 2010 00:00:00 CST http://www.compliancehome.com/resources/HIPAA/Articles/abstract18751.html After the announcement of Apples iPad tablet, Software Advice surveyed 178 physicians, nurses, medical students and healthcare IT professionals about what the healthcare industrys ideal tablet would look like. This isnt our first time talking tablets and healthcare. In April of last year, we wondered if the Apple tablet would become the ideal device to run electronic health record (EMR) software. http://www.compliancehome.com/resources/HIPAA/Articles/abstract18751.html Sun, 14 Feb 2010 00:00:00 CST http://www.compliancehome.com/resources/FDA/Articles/abstract18750.html Generic drugmaker Teva Pharmaceutical Industries Ltd said the U.S. Food and Drug Administration will review its application to sell a biotechnology medicine to boost white blood cells that is similar to Amgen Inc's big-selling Neupogen. Teva said the FDA accepted its Biologics License Application for the medicine for which it has proposed the trade name Neutroval. The Teva drug, XM02, is already being sold under the name TevaGrastim in several European countries, where a pathway for approving generic versions of biotech drugs -- so-called biosimilars -- is already in place. http://www.compliancehome.com/resources/FDA/Articles/abstract18750.html Sun, 14 Feb 2010 00:00:00 CST http://www.compliancehome.com/resources/FDA/Articles/abstract18749.html The U.S. Food and Drug Administration on Tuesday approved Auxilium Pharmaceuticals Inc.'s Xiaflex injection to treat a hand disease that causes http://www.compliancehome.com/resources/FDA/Articles/abstract18749.html