Posts Tagged ‘compliance’

Occ Cryptocurrency

OCC Provides Roadmap for National Banks and Savings Associations To Conduct Crypto Activities

The Office of the Comptroller of the Currency (“OCC”) issued a letter (1179) that national banks and federal savings associations must demonstrate that they have adequate controls in place before they can engage in cryptocurrency, distributed ledger, and stablecoin activities. The OCC had issued multiple Interpretive Letters in 2020 and earlier this year related to […]

Istock 659493026

OCC Releases Community Reinvestment Act (CRA) Evaluations

The Office of the Comptroller of the Currency (OCC) has released 15 Community Reinvestment Act (CRA) performance evaluations.  These evaluations are based on on-site examinations by OCC-trained staff. On-site examinations are done every other year. Reviews, which can take weeks, assess an institution’s performance in helping to meet the credit needs of communities, including those […]

Easing Security Compliance with the OpenShift Compliance Operator: Part 1

This is the first part of a series about the OpenShift Compliance Operator, focusing on installing the operator and running a scan. Operators are a strong piece of Red Hat’s OpenShift platform, easing the operational complexity of what might otherwise be difficult pieces of the platform. Red Hat’s Compliance Operator provides some relief to the […]

Hip On HIPAA Pushing Back To Use Patient Data

Hip On HIPAA: Pushing Back to Use Patient Data

As we continue our series of posts on making HIPAA work for you, I am going to address a common problem we hear from health care marketers: “My board/boss/CMO/Legal Counsel says we cannot use patient data for marketing communications.” This is a tough one. Truly, your board of directors and your legal counsel are going […]

A Look at DevOps in 2020: Sonatype’s Community Survey

DevOps teams routinely deal with the most sensitive needs of an organization: security, governance, and compliance. However, not every organization is on the same page when it comes to DevOps, which can leave developers feeling overwhelmed and overworked. Sonatype recently released findings from its seventh annual DevOps Community Survey that examines the differences between mature […]

Network Connection Technology

DevSecOps Best Practices – Automated Compliance

Secure software practices are at the heart of all system development; doubly so for highly regulated industries such as health-care providers.  Multiple regulatory controls are required for the custodianship of patient and customer data, creation of secure software systems, governance of development environments, and ensuring proper management of audit information. As a best-practice it is […]

DevSecOps and Release – Security Architect

In my previous post, DevSecOps and Release Coordination, I introduced the idea of four key players in the DevSecOps mediated release management process. The idea is to consolidate the validation and approval steps from a “gated” process, and shift the actual work of validation earlier in development. In this post, we will explore the role […]

Cloud Resource Security – Shared Responsibility Model

In my previous post on Cloud Resources – Policy and Practice, I referenced the “shared security model” adopted by all cloud providers. In this post, we will dive deeper into the differences and consequences of sharing the responsibility for securing computing resources, applications, data, and networks. Whether your organization is extending into cloud-based resources or […]

Security and Compliance

Security and Compliance in Microsoft Teams

Whether your company has 10 people or 10,000 people, security measures need to be in place to ensure a safe, secure, and compliant environment for your end users. Many companies will often be required to adhere to certain security regulations and compliance standards but rest assured Microsoft has your back.  Microsoft understands this need for […]

Nearshore Agile Teams

Getting Started with California Consumer Privacy Act Compliance

Compliance with the CCPA requires robust processes for identifying, governing, distributing, and securing consumer personal information. The first steps are to document the current usage of this information: Data inventory: Generate lists of personal data related to clients, investors, employees, counter parties, prospects and other entities. Data recipients: Compile a list of entities, such as […]

GDPR Compliance – Encryption

On 25th May 2018, everybody woke up to find their inbox “spammed” with mails from companies about redefining their data privacy policies containing the term GDPR. Every site that one logged into had a pop up, “We have updated our Data Privacy Policy”. So, what is this all about? Small Word, Big Impact It is […]

Expect Challenges with the California Consumer Privacy Act

Compliance with the CCPA will be challenging because it represents major changes in how financial institutions conduct their business. DATA DISPERSION Consumer personal data is often scattered across multiple internal platforms and shared with many third parties. Firms may not have a full picture of where this information is stored and how it is controlled. […]

Load More