<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
<!-- SwishCommand noindex -->
<rss version="2.0">
<channel>
  <title>ComplianceHome: ALL Resources</title>
  <link>http://www.compliancehome.com/</link>
  <description>ComplianceHome is one of the Web's largest libraries of resources for compliance management of HIPAA, SOX, FISMA, GLBA, FDA, FFIEC, Basel II, OSHA and ISO 27002/17799. Visit our directories, which are the best source for white papers, related news articles, resources on the web, training, webinars, conferences, rules &amp; regulation overview, ask the expert, job and search on vendors, solutions &amp; products.</description>
<image>
  <url>http://www.compliancehome.com/images/rsslogo.gif</url>
  <title>ComplianceHome</title>
  <link>http://www.compliancehome.com/</link>
</image>
  <language>en-us</language>
  <item>
    <title>Detecting Abnormal Technology Systems Behavior</title>
    <pubDate>Mon, 05 Jul 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/GLBA/Webinars/abstract18994.html</link>
    <description>With hundreds and thousands of automated systems producing log data, an organization's ability to respond to</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/GLBA/Webinars/abstract18994.html</guid>
  </item>
  <item>
    <title>Understanding the Consensus Audit Guidelines with John Gilligan &amp; Alan Paller</title>
    <pubDate>Mon, 05 Jul 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/FISMA/Webinars/abstract18993.html</link>
    <description>Recently, government security professionals have been tasked with sorting through an ever-expanding assortment of directives, including the NIST SP 800-53, SCAP, FDCC, FISMA, and Dept. of Homeland Security Software Assurance standards. Fortunately, the recently finalized Consensus Audit Guidelines (CAG) are designed to provide a clear and concise set of security controls that can help you focus on the critical underlying recommendations resident in all of these documents, while addressing the threats and attacks that your organization faces today. Core Security is pleased to present a special webcast briefing where John Gilligan and Alan Paller, two principal contributors to the CAG, will provide their insights into how you can best approach the guidelines. As the CAG distills the baseline elements of the myriad IT security measures government organizations must digest, this webcast will provide a closer look at the salient points of the CAG recommendations themselves.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/FISMA/Webinars/abstract18993.html</guid>
  </item>
  <item>
    <title>Achieve Both PCI Compliance &amp; Web Security</title>
    <pubDate>Mon, 05 Jul 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/PCI/Webinars/abstract18992.html</link>
    <description>View this on-demand Webcast from Akamai and featured analyst firm Gartner</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/PCI/Webinars/abstract18992.html</guid>
  </item>
  <item>
    <title>I.T. Challenges Big and Small Presented by Health Reforms</title>
    <pubDate>Mon, 05 Jul 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/HIPAA/Articles/abstract18991.html</link>
    <description>The administration kicked things off with the HITECH Act and its health records, health information exchange and privacy/security provisions. I.T. executives' plates were pushed to overflowing with implementation of the HIPAA 5010 transaction sets and ICD-10 code sets, and the annual modifications to Medicare and Medicaid policies and payments. The federal government now has served up the Patient Protection and Affordable Care Act, commonly known as the health care reform law, also frequently referred to by both proponents and critics as ObamaCare.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/HIPAA/Articles/abstract18991.html</guid>
  </item>
  <item>
    <title>Helpful Ways to Pass Your Payment Card Industry Audit</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/PCI/Articles/abstract18989.html</link>
    <description>For organisations that store, transmit or process credit card information, it is vital that they be able to demonstrate compliance with the Payment Card Industry Data Security Standards (PCI DSS). The PCI DSS standard attempts to protect consumers while safeguarding the reputation of the industry itself and, while not a government mandate, this industry initiative has rapidly become compulsory for any merchant wishing to transact with the major credit card companies. With every company reliant on software to run its business, an alarming rise in data breach incidents across industries, but especially credit card processing, means application security is becoming an increasingly critical part of any organisation's overall IT security strategy.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/PCI/Articles/abstract18989.html</guid>
  </item>
  <item>
    <title>Tremendous Rise in Patient Data Breaches Since February</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/HIPAA/Articles/abstract18988.html</link>
    <description>The number of entities that have reported major patient information breaches to HHS' Office for Civil Rights nearly tripled from 32 in February to 93 by June 11, HealthLeaders Media reports. The health IT provisions of the 2009 federal economic stimulus package require OCR to publicize information about any breaches involving 500 or more individuals. The requirement was included in the interim final rule on breach notification, which took effect in September 2009.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/HIPAA/Articles/abstract18988.html</guid>
  </item>
  <item>
    <title>FDA asked by Sen. Schumer to share data on possible sunscreen chemical-cancer link</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/FDA/Articles/abstract18987.html</link>
    <description>The U.S. Food and Drug Administration has been called on by a U.S. senator to reveal findings about a possible link between a chemical found in most sunscreens and skin cancer. The agency has been reviewing data from several studies on a potential connection between retinyl palmitate, a common sunscreen additive, and cases of skin cancer since July but has yet to issue any rulings or guidelines, said Sen. Charles E. Schumer (D-N.Y.).</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/FDA/Articles/abstract18987.html</guid>
  </item>
  <item>
    <title>Heat Issues Also Faced by Oil Cleanup Workers</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/OSHA/Articles/abstract18986.html</link>
    <description>The people involved in the onshore cleanup of the BP cataclysm may be bringing to light another problem that has been ignored by regulators and enforcement - heat-related illnesses. There will soon be thousands of people, paid and otherwise, working along the beaches and in tidelands and marshes during the hottest time of the year.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/OSHA/Articles/abstract18986.html</guid>
  </item>
  <item>
    <title>Leading Health Organizations Helped by Microsoft to Prepare for ICD-10 Mandate</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/HIPAA/Articles/abstract18985.html</link>
    <description>Microsoft Corp. has announced that multiple payer, provider and partner organizations, including Molina Healthcare Inc., EmblemHealth, Edifecs, Evolute, Neudesic LLC, The TriZetto Group Inc. and Washington Publishing Company, are standardizing on Microsoft's integrated, standards-based platform, with Microsoft BizTalk Server 2009 at the core, to support HIPAA 5010 and ICD-10 compliance. The platform also enables health plans to reduce costs and accelerate and automate processes and workflows to achieve administrative simplification.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/HIPAA/Articles/abstract18985.html</guid>
  </item>
  <item>
    <title>Death risk from Daiichi's Benicar being looked into by FDA</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/FDA/Articles/abstract18984.html</link>
    <description>The U.S. Food and Drug Administration is investigating whether Daiichi Sankyo's (4568.T) blood pressure medicine Benicar increases the risk of heart-related death, although the agency said it still believes the benefits of the drug outweigh its potential risks. The FDA said it is evaluating data from a pair of clinical trials in which diabetes patients taking the drug, known chemically as olmesartan, had a higher rate of death from heart-related causes compared with patients taking a placebo.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/FDA/Articles/abstract18984.html</guid>
  </item>
  <item>
    <title>Approval of first oral drug for multiple sclerosis recommended by FDA panel</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/FDA/Articles/abstract18983.html</link>
    <description>A Food and Drug Administration advisory panel unanimously recommended approval of the first drug for multiple sclerosis (MS) that can be taken orally. Existing drugs for the disease have to be given intravenously or by injection. The new drug, targeted initially at relapsing-remitting MS, is called fingolimod and its manufacturer, Novartis, plans to use the brand name Gilenia. The agency is not required to follow the recommendations of its advisory panels, but it generally does.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/FDA/Articles/abstract18983.html</guid>
  </item>
  <item>
    <title>Ways To Pass your Payment Card Industry Audit</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/PCI/Articles/abstract18982.html</link>
    <description>With every company reliant on software to run its business, an alarming rise in data breach incidents across industries, but especially credit card processing, means application security is becoming an increasingly critical part of any organisation's overall IT security strategy. For organisations that store, transmit or process credit card information, it is vital that they be able to demonstrate compliance with the Payment Card Industry Data Security Standards (PCI DSS). The PCI DSS standard attempts to protect consumers while safeguarding the reputation of the industry itself and, while not a government mandate, this industry initiative has rapidly become compulsory for any merchant wishing to transact with the major credit card companies. By being able to demonstrate and sustain compliance, the industry as a whole is signalling to the public that they have efficient and effective processes that assure the security of payment software. However, not all organisations are able to d</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/PCI/Articles/abstract18982.html</guid>
  </item>
  <item>
    <title>Making PCI Compliance Simpler for Data Security</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/PCI/Articles/abstract18981.html</link>
    <description>In case your business accepts credit or debit payments, it's likely that you're required to comply with the Payment Card Industry Data Security Standard. PCI DSS was created in 2006 to establish minimum data security measures for organizations around the world that hold, process, or exchange cardholder information from any of the major card brands. These security measures are reviewed and revised on a rotating two-year schedule to be sure they remain adequate in protecting sensitive data.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/PCI/Articles/abstract18981.html</guid>
  </item>
  <item>
    <title>Stepping Towards SaaS for IT service management</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/ISO-27002-(17799)/Articles/abstract18980.html</link>
    <description>Software-as-a-Service (SaaS) is more than just a cloud-based delivery model. It is a service approach that IT organizations are considering for meeting their IT service management needs. With a SaaS model, IT organizations can focus their staff and infrastructure on high-priority activities and initiatives while still enjoying access to IT service management productivity solutions. Typical SaaS models allow a service to be hosted, delivered, and managed remotely via the Web and offer the sharing of application processing and storage resources through a subscription service.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/ISO-27002-(17799)/Articles/abstract18980.html</guid>
  </item>
  <item>
    <title>Truck Accident Badly Injured a Man</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/OSHA/Articles/abstract18979.html</link>
    <description>Resurfacing work on Old Adobe Road near Penngrove resumed Friday afternoon after a safety meeting called to prevent a repeat of the kind of accident that left a man seriously injured, a Sonoma County official said. Cal-OSHA required the extra worker safety session after halting road work Thursday afternoon in the wake of an incident. At 1:15 p.m. a traffic supervisor walked behind a dump truck and was struck, officials said.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/OSHA/Articles/abstract18979.html</guid>
  </item>
  <item>
    <title>Nearly Half Million in Fines Imposed by OSHA to Two Philadelphia Postal Facilities</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/OSHA/Articles/abstract18978.html</link>
    <description>OSHA has cited the U.S. Postal Service for workplace safety violations related to electrical hazards found at two Philadelphia facilities after receiving complaints about both locations. Combined proposed penalties total $497,000.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/OSHA/Articles/abstract18978.html</guid>
  </item>
  <item>
    <title>Workers' Rights is the Main Intent of New OSHA training</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/OSHA/Articles/abstract18977.html</link>
    <description>Introduction to OSHA, a new training component emphasizing workers' rights, is required content in every OSHA 10- and 30-hour Outreach Training Program class. OSHA developed the information in support of the Secretary of Labor's goal of strengthening the voice of workers.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/OSHA/Articles/abstract18977.html</guid>
  </item>
  <item>
    <title>NASA's FISMA standpoint rouses a debate</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/FISMA/Articles/abstract18976.html</link>
    <description>NASA's top cybersecurity official raised a few eyebrows and won a lot of fans last month when he said the cost of complying with the Federal Information Security Management Act was not a good investment. Rather than spend tens of millions of dollars going through the paperwork-intensive certification and accreditation process in 2010, NASA planned to invest its money in technology that would make it possible to manage security risks in real time, said Jerry Davis, NASA's deputy chief information officer for information technology security.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/FISMA/Articles/abstract18976.html</guid>
  </item>
  <item>
    <title>Questions Concerning Cleanup Workers' Chemical Exposure in the Gulf Raised by Test</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/OSHA/Articles/abstract18975.html</link>
    <description>On the growing list of unknowns that surround the Gulf of Mexico oil disaster -- How many barrels are spilling? When will the leak be capped? -- belongs another, less-discussed mystery: How will the chemical soup of gushing crude and dispersants affect the health of cleanup workers, fishermen and others working along the coast?</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/OSHA/Articles/abstract18975.html</guid>
  </item>
  <item>
    <title>Patient Information Breaches List Nearing Hundred Mark</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/HIPAA/Articles/abstract18974.html</link>
    <description>The Office for Civil Rights' (OCR) list of entities reporting major patient information breaches began at 32 about four months ago. It is now near 100. The number of entities reporting breaches of unsecured PHI affecting 500 or more individuals has nearly tripled since the agency that enforces the HIPAA privacy and security rules first posted them on its website in February.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/HIPAA/Articles/abstract18974.html</guid>
  </item>
  <item>
    <title>OSHA Cites Kingfisher trucking firm in ammonia deaths</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/OSHA/Articles/abstract18973.html</link>
    <description>A Kingfisher trucking firm and a Minnesota fertilizer plant were cited by Occupational Safety and Health Administration in the deaths of two Oklahoma men in an ammonia accident in 2009. Thirty-one-year-old Robert Shue, of Kingfisher, and 56-year-old Roy Taylor were exposed to anhydrous ammonia at CF Industries Nov. 16 when piping on a tanker truck failed, releasing poisonous vapors. Shue died at the scene and Taylor died two weeks later.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/OSHA/Articles/abstract18973.html</guid>
  </item>
  <item>
    <title>Long-Awaited Cybersecurity Bill Disclosed by Senators</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/FISMA/Articles/abstract18972.html</link>
    <description>The long-awaited cybersecurity and FISMA reform bill disclosed by the leaders of the Senate Homeland Security and Governmental Affairs Committee would create two cybersecurity directors - one in the White House and the other in the Department of Homeland Security - to lead the federal government's information security efforts.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/FISMA/Articles/abstract18972.html</guid>
  </item>
  <item>
    <title>PCI - It's Not Quite Everywhere It Should Be</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/PCI/Webinars/abstract18971.html</link>
    <description>Be a part of this webinar to learn about critical technologies that can assist your PCI compliance efforts. We will discuss how to: protect critical data from leaving your enterprise through malicious hackers and/or employee mistakes; go beyond intrusion detection and prevention to a positive, proactive security model that protects against new email and web-borne attacks; safely enable remote employees, partners, contractors and other third parties to authenticate and access pertinent information; implement security measures that ensure simultaneous compliance with PCI, SOX, GLBA, HIPAA and other privacy and data protection regulations.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/PCI/Webinars/abstract18971.html</guid>
  </item>
  <item>
    <title>Payment Card Security Market Trends</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/PCI/Webinars/abstract18970.html</link>
    <description>The Heartland Payment Systems data breach has been the information security story of the year. And it's shined a bright spotlight on the Payment Card Industry Data Security Standard (PCI DSS) - and the question</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/PCI/Webinars/abstract18970.html</guid>
  </item>
  <item>
    <title>Pfizer Alerted by FDA for not reporting side effects</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/FDA/Articles/abstract18969.html</link>
    <description>FDA issued a 12-page warning letter to Pfizer Chief Executive Jeffrey Kindler and cited the numerous examples involving some of the company's top-known brands, including impotence drug Viagra, cholesterol pill Lipitor and seizure medicine Lyrica. The delays in reporting side effects date back as far as 2004 and have grown in recent years, according to the FDA's letter that was released by Pfizer</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/FDA/Articles/abstract18969.html</guid>
  </item>
  <item>
    <title>OSHA Asked by Louisiana Officials to Investigate Oil Spill Worker Conditions, Safety</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/OSHA/Articles/abstract18968.html</link>
    <description>The secretaries of the Louisiana Department of Environmental Quality (DEQ) and the Department of Health and Hospitals (DHH) sent a letter to OSHA Administrator David Michaels asking the agency to conduct a full investigation of oil spill worker conditions and safety.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/OSHA/Articles/abstract18968.html</guid>
  </item>
  <item>
    <title>Two Phila. Postal Service Sites Cited by OSHA</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/OSHA/Articles/abstract18967.html</link>
    <description>Two Philadelphia U.S. Postal Service distribution centers face $497,000 in fines for allowing inadequately trained employees to perform work without the proper protective equipment while being exposed to live electrical parts, the U.S. Department of Labor's Occupational Safety and Health Administration. OSHA cited the Postal Service with four willful violations at the network distribution center at 1900 Byberry Rd., and with three willful and one serious violation at the Processing and Distribution Center at 7500 Lindberg Blvd</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/OSHA/Articles/abstract18967.html</guid>
  </item>
  <item>
    <title>HIPAA 5010 Help Received by VA</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/HIPAA/Articles/abstract18966.html</link>
    <description>Federal contractor Engineering Services Network Inc. will upgrade the Department of Veterans Affairs' VistA core information system to support the HIPAA 5010 transaction sets under a contract valued at $7.9 million in the first year. The contract's value could rise to $10.9 million if all options are exercised. Under the contract, VistA must be ready for external HIPAA 5010 testing by Jan. 1, 2011. The compliance date for the new transaction sets is Jan. 1, 2012.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/HIPAA/Articles/abstract18966.html</guid>
  </item>
  <item>
    <title>Vital Tasks for CISOs Under FISMA Reform</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/FISMA/Articles/abstract18965.html</link>
    <description>When Congress enacted the Federal Information Security Management Act of 2002, the law that governs how the government secures its digital assets, lawmakers charged agency and departmental chief information officers with responsibility for information security for their respective organizations. Nary a mention of a chief information security officer. Fast forward eight years to late last month, when FISMA reform passed the House as part of the Defense Authorization Act for Fiscal Year 2011. CIOs, under the bill, would continue to be accountable for their agencies' IT security, but the legislation would provide specific responsibilities for CISOs if it becomes law.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/FISMA/Articles/abstract18965.html</guid>
  </item>
  <item>
    <title>Global Raw Packaged Seafood Import Alert Issued by FDA</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/FDA/Articles/abstract18964.html</link>
    <description>FDA Issues Global Raw Packaged Seafood Import Alert: FDAImports.com Reports Numerous International Firms Impacted  Detention Without Physical Examination of Refrigerated Vacuum Pak or Modified Atmosphere Packaged Raw Fish and Fishery Product, or Import Alert #16-25, is currently impacting exporters around the world who regularly ship modified atmosphere or vacuum packed, raw seafood into the US. According to this law, the FDA will detain all imported, raw seafood by default, provided that these items have been shipped by firms which do not meet requirements set forth by a 'Green List' used by the FDA. The FDA created this alert in order to stave off cases of Clostridium Botulinum, or deadly botulism poisoning. This becomes a risk when uncooked seafood is sent in packaging which does not allow anaerobic conditions in which oxygen can circulate. As of September of 2009, the FDA's Green List only lists 46 international firms that meet the standards set forth by IA #16-125.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/FDA/Articles/abstract18964.html</guid>
  </item>
  <item>
    <title>OSHA Cited CEC Elevator Cab Corp. for Uncorrected Hazards</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/OSHA/Articles/abstract18963.html</link>
    <description>CEC Elevator Cab Corp., a Bronx, N.Y., manufacturer of elevator cabs has been cited by OSHA for 18 alleged violations of safety and health standards, chiefly for failing to correct hazards cited during prior OSHA inspections. The company faces a total of $346,500 in proposed penalties.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/OSHA/Articles/abstract18963.html</guid>
  </item>
  <item>
    <title>Support for Amazon S3 Announced by OnState Communications</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/HIPAA/Articles/abstract18962.html</link>
    <description>A provider of on-demand virtual call center solutions, OnState Communications, has announced support for Amazon S3 (Simple Storage Service), a Web-based storage service offered by Amazon Web Services. In addition to other premise and cloud-based options, customers of OnState can now use Amazon S3 to store critical files -- call recordings and chat transcripts -- in a secure and reliable manner, said company officials. With Amazon S3, users can store and retrieve any amount of data from any location at any time. It provides a durable infrastructure designed for mission-critical data storage. Moreover, the service delivers 99.99 percent availability backed by a stringent service level agreement, said company officials.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/HIPAA/Articles/abstract18962.html</guid>
  </item>
  <item>
    <title>Useful Ways to examine your office technology security practices</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/HIPAA/Articles/abstract18961.html</link>
    <description>Printers, copiers and multifunction products (MFPs) have evolved over the years and have become an integral part of business networks, providing greater functionality for the office user. However, with almost all technological progress comes unintended consequences or compromises. For the office copier, that consequence has been the retention of document images, which can mean that sensitive information and data are at risk of being accessed by unauthorized parties if the proper security measures are not taken.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/HIPAA/Articles/abstract18961.html</guid>
  </item>
  <item>
    <title>Continuous Monitoring FAQs Released by NIST</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/FISMA/Articles/abstract18960.html</link>
    <description>Continuous monitoring is at the center of proposed reform to FISMA, which is currently maligned as being an exercise in paperwork rather than an effective guide for cybersecurity. The National Institute of Standards and Technology (NIST) has released a list of 17 frequently asked questions about continuous monitoring.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/FISMA/Articles/abstract18960.html</guid>
  </item>
  <item>
    <title>Tool to Protect Patient Privacy Revealed by 3M</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/HIPAA/Articles/abstract18959.html</link>
    <description>Healthcare providers are being assisted by 3M to comply with new breach reporting guidelines. The Minneapolis-based company has announced a breach notification tool for use on the latest versions of 3M ChartRelease software and 3M DisclosureTrac software. The American Recovery and Reinvestment Act of 2009 introduced tougher requirements for the regulation and enforcement of privacy and security in healthcare. Under the legislation all healthcare providers, plans and clearinghouses under HIPAA must notify the individual whose privacy was breached in addition to the Department of Health and Human Services. For breaches that affect more than 500 people, the organization must notify the media. In an age when security breaches are becoming more common, this legislation helps protect the privacy of patients and their health information.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/HIPAA/Articles/abstract18959.html</guid>
  </item>
  <item>
    <title>VA contract for HIPAA compliance Won by Harris</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/HIPAA/Articles/abstract18958.html</link>
    <description>Communications company Harris has been awarded an eight-month subcontract to support the Veterans Health Administration's migration to updated standards under HIPAA. As the primary subcontractor on the engineering services network team which was awarded a potential $10.9 million contract, Harris will provide software development services, including requirements definition and documentation, and software design, test and deployment.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/HIPAA/Articles/abstract18958.html</guid>
  </item>
  <item>
    <title>Workscape Totally Compliant with ISO 27002 Information Security Regulations</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/ISO-27002-(17799)/Articles/abstract18957.html</link>
    <description>A provider of software and services that enable organizations to drive predictable outcomes through engaged, top performing workforces, Workscape, Inc., has reached full compliance with ISO 27002 information security regulations.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/ISO-27002-(17799)/Articles/abstract18957.html</guid>
  </item>
  <item>
    <title>Possible New Guidance from OCR on De-Identification</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/HIPAA/Articles/abstract18956.html</link>
    <description>Since its passage, compliance with the Health Insurance Portability and Accountability Act (HIPAA) has long been a major concern for covered entities. With the passage in February 2009 of the Health Information Technology for Economic and Clinical Health (HITECH) Act, covered entities -- and business associates -- face a new horizon of uncertainty as HITECH promised new penalties, new requirements and new regulations.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/HIPAA/Articles/abstract18956.html</guid>
  </item>
  <item>
    <title>FISMA Very Near to Overhaul</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/FISMA/Articles/abstract18955.html</link>
    <description>The House has taken a major step forward to overhaul federal cybersecurity policy by passing the Defense Authorization Bill. The legislation includes an amendment to update the Federal Information Security Management Act (FISMA). The new cybersecurity guidance will introduce performance-based standards and guidelines. This is a marked change from the current compliance-based standards. But cybersecurity experts are already cautioning against the FISMA reforms. They say that although FISMA has improved cybersecurity, the overall results were not that impressive. Proponents of the bill hope to pass the full measure before the August Congressional Recess.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/FISMA/Articles/abstract18955.html</guid>
  </item>
  <item>
    <title>White House's cyber authority would be raised by FISMA reform</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/FISMA/Articles/abstract18954.html</link>
    <description>The changes to the 2002 Federal Information Security Management Act that passed as part of the House's Defense Authorization Bill for fiscal 2011 would give the White House more direct control over IT security within agencies. Rather than setting out static requirements to be met by agencies in securing their information systems, the Federal Information Security Amendment Act of 2010 would establish a National Office for Cyberspace in the Executive Office of the President, with a director who would be confirmed by the Senate, to oversee IT security.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/FISMA/Articles/abstract18954.html</guid>
  </item>
  <item>
    <title>UPS Ordered by Department Of Labor To Compensate Terminated Driver</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/OSHA/Articles/abstract18953.html</link>
    <description>The U.S. Department of Labor's Occupational Safety and Health Administration has ordered United Parcel Service to pay an Earth City, Mo., truck driver $111,008 in back wages, benefits, compensatory damages, punitive damages and attorney's fees. OSHA investigated the employee's allegation that Atlanta, Ga.-based UPS terminated his employment in retaliation for his refusal to drive after raising safety concerns. OSHA's investigation found the driver was terminated after refusing to drive the vehicle because of inoperable lights on the trailer and tractor.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/OSHA/Articles/abstract18953.html</guid>
  </item>
  <item>
    <title>Xenical Label Change Gets FDA Consent</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/FDA/Articles/abstract18952.html</link>
    <description>The FDA has approved slight changes to the labeling of the weight loss drug Xenical. The label will now include information about the very rare instances of liver injury that have been noted, with thirteen cases. The FDA did point out that this labeling change did not mean that the use of Xenical had been the cause of the liver injury, but in line with established practice and following the recent review of Xenical they felt it would be prudent to do so.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/FDA/Articles/abstract18952.html</guid>
  </item>
  <item>
    <title>PediaCare children's products recalled by NEW FDA</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/FDA/Articles/abstract18951.html</link>
    <description>A voluntary recall by Blacksmith Brands for four kinds of PediaCare children's products has been announced by the U.S. Food and Drug Administration. The agency notified health-care professionals and patients about a nationwide recall of all lots of four PediaCare medicines, sold exclusively in the United States and manufactured by McNeil Consumer Healthcare in Pennsylvania.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/FDA/Articles/abstract18951.html</guid>
  </item>
  <item>
    <title>Cybercrimes &amp; Corporate Liability: An Alert for the Corporation</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/SOX/Articles/abstract18950.html</link>
    <description>First, there was the crash of Worldtron and Enron in the United States, which should have put local corporate managers and representatives on alert, particularly as it relates to the passage of Sarbanes-Oxley (SOX) with its stringent information security requirements around financial records. Then there was the Companies Act of Jamaica in 2004, which increased corporate liability and responsibility for officers and directors.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/SOX/Articles/abstract18950.html</guid>
  </item>
  <item>
    <title>Questions on the Efficiency of PCI DSS</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/PCI/Articles/abstract18949.html</link>
    <description>There seems to be much ongoing debate these days regarding the effectiveness of PCI DSS. There have been several high-profile cases, such as Heartland and RBS WorldPay, where the companies had PCI DSS certification yet still suffered card data breaches.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/PCI/Articles/abstract18949.html</guid>
  </item>
  <item>
    <title>$86.25 Million to be Raised by TripWire, a Security and Compliance Vendor</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/FISMA/Articles/abstract18948.html</link>
    <description>Portland, Oregon-based TripWire plans to raise $86.25 million by going public on the Nasdaq under the ticker symbol TPWR. J.P. Morgan and Thomas Weisel Partners will share the underwriting role. TripWire builds enterprise security and privacy applications that make it a lot easier for companies to adhere to regulatory standards such as HIPAA, and best practices rules like FISMA. Security and compliance are considered fairly recession-proof industries, because of recession-proof Federal regulations and the regulators who enforce them.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/FISMA/Articles/abstract18948.html</guid>
  </item>
  <item>
    <title>Major Cybersecurity Measure Adopted by House</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/FISMA/Articles/abstract18947.html</link>
    <description>The fate of FISMA reform legislation could rest with the outcome of congressional action to eliminate the "don't ask, don't tell" law that bars gays from openly serving in the military. The House on Friday approved, by a 229 to 186 vote, the National Defense Authorization Act, which includes an amendment added to establish an Office of Cyberspace in the White House headed by a Senate-confirmed director. That director would have the authority to review civilian agencies' IT security budgets. The amendment is an amalgamation of the Federal Information Security Amendments Act of 2010, HR 4900, sponsored by Rep. Diane Watson, D.-Calif., which was approved last week by the House Oversight and Government Committee, and the Executive Cyberspace Authorities Act, HR 5247, introduced earlier this month by Rep. James Langevin, D.-R.I.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/FISMA/Articles/abstract18947.html</guid>
  </item>
  <item>
    <title>FISMA II Looks to Institute Performance-Based Metrics</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/FISMA/Articles/abstract18946.html</link>
    <description>With 40-some pieces of cybersecurity legislation pending before Congress, FISMA II is one that has drawn significant attention from the government-contracting world. While most government agencies and federal contractors learned to check the box and implement whatever measures the act set as standards the first time around, FISMA II will demand more than that: instead of being compliance-focused, the new bill will introduce performance-based standards and guidelines.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/FISMA/Articles/abstract18946.html</guid>
  </item>
  <item>
    <title>Fines to NDK Crystals for Explosion Issued by OSHA</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/OSHA/Articles/abstract18945.html</link>
    <description>NDK Crystals Inc. has been penalized by the Occupational Safety and Health Administration for violations that led to an explosion last year at a Belvedere plant that killed one. OSHA on Thursday announced fines of $510,000 against NDK for failing to evaluate the building for a catastrophic event and failing to have an emergency evacuation program, among other violations. Synthetic crystals for computers are made at the plant. Assistant Secretary of Labor Dr. David Michaels says NDK knowingly operated high-pressure vessels even after being warned of the potential for a catastrophic failure due to material, design and fabrication defects.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/OSHA/Articles/abstract18945.html</guid>
  </item>
  <item>
    <title>Bloodborne Pathogen Standard to be Reviewed by OSHA</title>
    <pubDate>Thu, 27 May 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/resources/OSHA/Articles/abstract18944.html</link>
    <description>The Occupational Safety and Health Administration (OSHA) is reviewing the Bloodborne Pathogens standard, published in 1991, to see if it needs to be updated. Exposure to bloodborne pathogens can put workers at risk for contracting diseases including hepatitis B and C and the human immunodeficiency virus (HIV).</description>
    <guid isPermaLink="false">http://www.compliancehome.com/resources/OSHA/Articles/abstract18944.html</guid>
  </item>
</channel>
</rss>
