The IT department of Radboud University (the Netherlands) manages 40,000 to 50,000 identities. With around 25,000, the school also has an academic hospital, with faculty and staff, along with researchers from all over the world, not to mention invited…

I spend my days working with and for Federal Government agencies helping solve identity management challenges.  Always (now) with an eye toward security, I feel their pain in balancing the functionality needs of their enterprises with the security that…

There’s a growing buzz about this new regulation called GDPR (General Data Protection Regulation). It requires any organization that stores, processes, or transmits personal data on European Union citizens (even organizations outside of the EU) to undertake…

As if PCI, SOX, HIPAA, GLB, and all the other alphabet-soup regulations aren’t enough to bog down your security program, we now have a new one rearing its ugly head. The new regulation is the European Union General Data Protection Regulation – or GDPR…

Just because you leverage the user, group and role-based management features of certified Electronic Health Record (EHR) systems that doesn’t mean you’re doing enough to secure healthcare data and ensure compliance with HIPAA Security Rule requirements…

For many organizations, compliance with data security standards doesn’t seem to be getting easier. First of all, IT security compliance efforts are forever competing for attention and funding with information-security projects, operational vulnerabilities…