ControlCase Monthly Newsletter December 2019
From all of us at ControlCase – we wish you and your loved ones a joyful holiday season and a prosperous New Year.
As always, we are committed to working in partnership with our clients to provide efficiency in achieving continued security and compliance programs.
Please feel free to reach out to discuss your 2020 Compliance program!
Upcoming Webinar This Thursday – PCI DSS and Other Related Updates
In this special 45-minute webinar series, ControlCase will cover the following based on PCI SSC FAQs, blogs, and PCI SSC presentations from Community Meetings and other PCI SSC public events:
- Current status of PCI DSS (including information publicly available on PCI DSS ver. 4.0)
- PA DSS and upcoming Software Security Framework overview
- P2PE updates and new concepts
- PCI PIN, PCI 3DS and Card Production overview
- Chronological timeframe for various standards
Webinar – ISO 27001 In the Age of Privacy
In this special 45-minute webinar series, ControlCase will cover the following based on PCI SSC FAQs, blogs, and PCI SSC presentations from Community Meetings and other PCI SSC public events:
- What is ISO 27001
- How can companies get ready for ISO 27701 privacy standard
- What is the certification process to ISO 27701
- Common challenges
- Q/A
Date: Thursday, January 16th, 2020
Time: 11:00 AM – 11:45 AM EST
Improving the Throughput and Transparency of the HITRUST Assurance Program
The quality requirements that went into place on April 1, 2019 had a significant impact on customers, external assessors, and the Assurance Program; however, the importance of quality remains paramount to the unique value that HITRUST provides by ensuring integrity, consistency, transparency and ultimately reliability of the report issued.
PCI SSC Publishes New Standard for Contactless Payments
PCI Security Standards Council (PCI SSC) published a new data security standard for solutions that enable merchants to accept contactless payments using a commercial off-the-shelf (COTS) mobile device (e.g., smartphone or tablet) with near-field communication (NFC).
The California Consumer Privacy Act (CCPA) enters into effect on January 1st, 2020
It imposes complex privacy-driven obligations on many organizations. While companies in recent years have dedicated efforts to enter into and maintain compliance with the EU General Data Protection Regulation (GDPR), the CCPA imposes distinguishable requirements with significant implications from legal, technological, administrative and business perspectives.
Guidance for businesses concerned with privacy regulations
HITRUST has announced that it is providing a basis for a CCPA assessment by adding the California Consumer Privacy Act (CCPA) 1798 privacy controls to a new release of its information risk and compliance framework.
Hospital group pays millions to settle HIPAA case