PCI Password

PCI Password Requirements: Is It Enough?

The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements aimed at ensuring sensitive data is protected, privacy is maintained, and networking systems are robust enough to withstand cyber-attacks. PCI standards aren’t specific to any one country or organization, but rather function as a global set of standards that everyone can adhere to. As with almost …

Recommendations For HIPAA Password Compliance: https://www.enzoic.com/hipaa-password-compliance/

Recommendations For HIPAA Password Compliance

What is HIPAA Password Compliance and How Healthcare Organizations Can Comply with these Authentication Guidelines. HIPAA (Health Insurance Portability and Accountability Act) was introduced in 1996 but has become increasingly prominent in recent years due to the rise of data breaches in the industry. Data breaches have been on the rise across all industries in the past five years, but …

HIPAA & Passwords: https://www.enzoic.com/hipaa-password/

HIPAA & Employee Password Policies

The Health Insurance Portability and Accountability Act (HIPAA) describes how organizations must keep protected health information (PHI) secure. So how exactly are employee passwords supposed to be handled in light of HIPAA? It’s important to understand how HIPAA handles the topic of passwords in order for organizations to properly implement the guidelines in their data protection strategies. What Organizations are …

HITRUST & Password Policy: https://www.enzoic.com/hitrust-password/

HITRUST & PASSWORDS: 7 Important Password Policies for HITRUST

Our recommended healthcare password policies that complement and support HITRUST. Since its founding in 2007, HITRUST (Health Information Trust Alliance) has championed programs that safeguard sensitive information and manage information risk for global organizations across all industries. HITRUST works with privacy, information security, and risk management leaders from the public and private sectors to develop common risk and compliance management frameworks, …

PSD2 SCA

Are PSD2 SCA Options Too Narrow in Scope?

On September 14th, new PSD2 requirements known as Strong Customer Authentication (SCA) were introduced across Europe. These requirements are part of the EU Revised Directive on Payment Services (PSD2) and are intended to increase security for online payments. We are living in an increasingly security-conscious time, and the EU is taking meaningful steps with GDPR and PSD2 to address the …

New Jersey Data Breach Notification Law

New Jersey’s Data Breach Notification Law Went Into Effect on Sept 1 to Include Account Takeover PII Data

As of Sept 1st, 2019, businesses based in New Jersey are now required to notify impacted users of online account information exposed in a data breach. Because of this amended law, New Jersey residents are now better protected from the risk associated …

What GDPR Means for Your Password Policy

GDPR Password Policy: Critical Components

We are now over one year on from the General Data Protection Regulation (GDPR) coming into effect. Many businesses still find themselves falling short of compliance and are confused about how the regulation applies to password policy. GDPR came into force on May 25, 2018, thrusting the European Union (EU) into a new era of data and privacy rights. The …