HOW TO MAKE SECURITY TRAINING EFFECTIVE by Daniel J. Solove Far too often, security training is so focused on saying the right things that it fails to get employees to do the right things. In many training programs I’ve seen, there is an obsession with making sure that every conceivably relevant point be said. Just […]
SECURITY AWARENESS TRAINING FAQ by Daniel J. Solove What does the law require for security awareness training? What are organizations currently doing? What should they be doing? Below, I will answer these questions and more. What is the return on investment (ROI) for security awareness training? There’s a huge ROI on security awareness training. A […]
HIPAA Training Vignettes Spice up your HIPAA training program with our HIPAA training vignettes. Each vignette is short, engaging, and humorous. They can serve as an effective way to remind your workforce about key HIPAA do’s and don’ts. These vignettes are so engaging that many organizations use them for voluntary training — this is training […]
HIPAA SECURITY RULE CHECKLIST by Daniel J. Solove The HIPAA Security Rule covers electronic protected health information (ePHI), which is any individually identifiable health information in electronic format. The security of non-electronic PHI is covered by the Privacy Rule. The HIPAA Security Rule has 18 safeguards standards, each of which is mandatory, along with 36 […]
Privacy and Security Awareness Training Game: Spot the Privacy and Security Risks The answers are in our privacy and security training game module. In this privacy and security awareness game (~5 minutes), trainees are asked to spot the privacy and security risks in an office. They select various parts of the office and then click on […]
CYBERSECURITY AWARENESS TRAINING ABOUT MALWARE THE RANSOMWARE ATTACK Malware is a general term for harmful programs and code. There are many forms of malware, including viruses, Trojan Horses, worms, and spyware. A more recent form of malware has been rising dramatically — ransomware. Ransomware is one of the most pernicious forms of malware — it […]
INFORMATION SECURITY AWARENESS TRAINING SOCIAL ENGINEERING: SPIES AND SABOTAGE “Social engineering” is the use of trickery to fool people into divulging confidential information or into facilitating unauthorized access into computers or accounts. Simply put, humans are easier to hack than machines. Hackers use a set of techniques that people will often fall for. Even the […]
PRIVACY AWARENESS TRAINING PRIVACY BY DESIGN The term “Privacy by Design” was coined by Ann Cavoukian, the former Information and Privacy Commissioner of Ontario, Canada and now Executive Director of the Privacy and Big Data Institute at Ryerson University. According to Cavoukian, “Privacy by Design refers to the philosophy and approach of embedding privacy into the […]
PRIVACY AND DATA PROTECTION BY DESIGN TRAINING This newly updated course (~18 min) teaches the basics of privacy and data protection by design training to engineers, designers, and other workforce members. To effectively design for privacy and data protection, one must identify and assess the various issues that might arise. Doing so can be challenging […]
HIPAA ENFORCEMENT FAQ by Daniel J. Solove The Health Insurance Portability and Accountability Act (HIPAA) regulations govern health information maintained by various entities covered by HIPAA (“covered entities”) and other organizations that receive protected health information (PHI) from covered entities when performing functions for them. Who Enforces HIPAA? HIPAA is enforced by the Office for […]