It takes about 2 minutes to change the Windows local Administrator password using easily obtainable tools on the Internet. Personal data should be encrypted. Period. It\’s not that hard – there are several drive and file encryption tools available and this should be considered minimum level of due care. Unfortunately, encrypting data is not a HIPAA requirement, even though it should be.
If you store your customer\’s information, it should be protected against theft. Both HIPAA and Gramm-Leach-Bliley Act require risk assessments to be performed by the company. Theft is a credible threat and must be addressed in the risk assessment.
We have updated our privacy policy to be more clear and meet the new requirements of the GDPR. By continuing to use our site, you accept our revised Privacy Policy.
It takes about 2 minutes to change the Windows local Administrator password using easily obtainable tools on the Internet. Personal data should be encrypted. Period. It\’s not that hard – there are several drive and file encryption tools available and this should be considered minimum level of due care. Unfortunately, encrypting data is not a HIPAA requirement, even though it should be.
If you store your customer\’s information, it should be protected against theft. Both HIPAA and Gramm-Leach-Bliley Act require risk assessments to be performed by the company. Theft is a credible threat and must be addressed in the risk assessment.
George Toft, CISSP
Chief Security Officer
My IT Department
http://www.myITaz.com
Has anyone used certmagic.com for CISSP Certified Information Systems
Security Professional to study for the CISSP exam?