SEC Cybersecurity Guidance: Incident Response

When firms think about cybersecurity, they’re tempted to focus on the tech.  Hopefully, you're already having internal conversations about which tools you need to fight phishing or to keep your mobile devices safe. One area where we've seen a lot of firms struggle, though, is in figuring out what to do when something BAD happens. [...]

SEC Cybersecurity Guidance: Mobile Device Management

Protecting Your Business’ Most Sensitive Mobile Data. Gone are the days of the rotary phone. Data is immensely portable. As we (individuals, consumers, corporate employees, investment advisors and financial investors) continue to rely on our mobile devices for everything, the level and amount of sensitive data that is stored on our mobile devices [...]

SEC Cybersecurity Guidance: Business Continuity Planning (Pt. 2)

Welcome back to SEC Cybersecurity Guidance: Business Continuity Planning.  The first steps (found here in Part 1) are: List your Specific Needs, and Discuss and Document... and here, in Part 2, we talk, and plan, and test. Disclaimer: we are STILL not lawyers.  We are cybersecurity practitioners who work with a lot of registered [...]

SEC Cybersecurity Guidance: Business Continuity Planning (Pt.1)

If you’ve come to this site, you’re probably doing some research about SEC Cybersecurity Guidance. As part of the OCIE Cybersecurity Initiative, #6 in the SEC cybersecurity guidance clearly states that business continuity planning is a priority. Here’s what the SEC Cybersecurity Guidance says: “Please provide a copy of the Firm’s written business continuity [...]

Do You Need Cybersecurity Insurance?

It's a good idea... We have a lot of conversations with our clients about cybersecurity insurance.  Adelia Risk doesn't sell cybersecurity insurance. Instead, we provide a holistic cybersecurity service to small, high value, heavily regulated firms. As part of providing our service, cybersecurity insurance is a common topic. The single biggest misconception that we see? [...]

How to Make Gmail HIPAA Compliant

Google’s email, calendar, and productivity tools (recently renamed to “G Suite”) are absolutely fantastic.  They’re easy to use and very affordable. G Suite is also highly secure, but there are very specific things that you need to do to make G Suite / Gmail HIPAA-compliant.  Here are some big ones... Disclaimer: we are not lawyers. [...]

2019-02-15T19:28:06+00:00 | December 20th, 2018 | Cloud Cyber Security, HIPAA | 1 Comment

HIPAA Compliant Cloud Storage – 11 Services Reviewed (Updated)

“What are my options for HIPAA compliant cloud storage?” In recent years, cloud storage has risen in both effectiveness and popularity. Its convenience is undeniable: the ability to access your data from anywhere is amazing. But can business associates and medical providers take advantage of these services to store PHI? What exactly does [...]

2019-04-16T18:43:08+00:00 | December 6th, 2018 | Cloud Cyber Security, HIPAA | 4 Comments

Is Office 365 HIPAA compliant?

Health care providers must follow the Health Insurance Portability and Accountability Act (HIPAA).  Is Office 365 HIPAA compliant, though? This act protects your patient healthcare data (PHI).  As more clinicians are electronically transmitting patient records and other personal information to specialists and medical facilities, it is imperative that we ensure that information is secure. Isn’t [...]

2019-04-05T18:42:53+00:00 | November 14th, 2018 | Cloud Cyber Security, Email Cyber Security, HIPAA | 1 Comment