Electronically stored information (ESI) and the issues, risks and management around ESI were clearly addressed in a version of the 2006 FRCP amendments. The power that ESI now has in courts around the world and especially in CA, has prompted Governor Schwarzenegger to approve and sign a new version of the California Electronic Discovery Act. To view the California Civil Discovery Act in its entirety, click here.
To read Amy Dugdale’s recent posting about this signing, click here.
In a featured story by AISHealth.com, we see that the California Department of Public Health recently issued the maximum penalty to Kaiser Permanente Bellflower Medical Center for their failure to prevent unauthorized access to patient information.
This decision may reflect how things may be beginning to change under the HITECH Act provisions included in the American Recovery and Reinvestment Act of 2009.
Do you agree with the CDPH decision?
M.E. Kabay, PhD, CISSP-ISSMP has written an article in Network World that summarizes some of the more important research that has been done for security metrics. In trying to address the question of what should be measured to better understand and manage security issues, Mr. Kabay cites some useful research papers to assist each of us tasked with the responsibility to place controls around security issues affecting business continuity planning, information security or other areas of response to regulatory requirements and compliance management.
Putting the appropriate security control measurements in place within an organization remains an ongoing process requiring periodic review, evaluation and improvement by managment.
Read this article to help you do just that….
