PCI DSS is a standard for the card associations not for your business

I recently saw a post from a blog on a corporate web site from a company called Cloud Compliance, entitled “Compliance is the New Security Standard”. Cloud Compliance provides a SaaS-based Identity and Access Assessment (IdAA) solution that helps identify and remediate access control and entitlement policy violations. We combine the economies of cloud […]

Why the Clinton data leaks matter

In the middle of a US Presidential election that will certainly become more contrast-focused (as politically correct Americans like to call mud-slinging), the Clinton data leaks are interesting and also worth investigation for their longer-term impact on the US economy. Shaky ethics versus data protection: A friend who is a political science professor told me that […]

Why audit and risk management do not mitigate risk – part II

In my previous post, Risk does not walk alone, I noted both the importance and often ignored lack of relevance of internal audit and corporate risk management to the business of cyber security. Audit and risk management are central to the financial services industry: Just because audit and risk management are central to the financial […]

Risk does not walk alone

Israeli biomed companies often ask us about the roles of audit and risk management in their HIPAA security and compliance activities. At the eHealth conference in Israel last week, a lawyer gave a presentation on HIPAA compliance and stated: If you have to do one thing, make sure everything is documented – your policies […]

The 2 big data disconnects in clinical data management

Why data is important: There are 2 reasons: (1) Determining the results of your clinical trials depends on the data. (2) Governance of the clinical trial depends on the data – but not necessarily the same data. Data-driven management is an approach that values decisions based on verifiable empirical data. The data-driven approach is crucial to success of modern, […]

Connecting with seriously ill children at the Jordan River Village

Working in a startup like FlaskData.io developing cloud-based clinical data management software is like a triathlon (I did the Eilat triathlon in 2013 so I can compare). There is a long swim of developing software where you are on your own (and maybe get kicked in the head) and then the adrenaline rush of launch when […]

2 mistakes you do not want to make in your medical device clinical trial

Jenya Konikov-Rozenman: Jenya is a co-founder and VP Clinical at FlaskData.io. Jenya has a master's degree in biotechnology from the Hebrew University and is a doctoral candidate at Tel Aviv in medical science. She is GCP and CRA certified and leads FlaskData.io customer operations with super-human devotion to customer delivery. Jenya has 2 children – […]

How do you know that your personal health data is secure in the cloud?

Modern system architecture for medical devices is a triangle of Medical device, Mobile app and Cloud services (storing, processing and visualizing health data collected from the device). This creates the need for verifying a chain of trust: patient, medical device, mobile app software, distributed interfaces, cloud service software, cloud service provider. No get out of jail free card if […]

3 things a medical device vendor must do for security incident response

You are VP R&D or CEO or regulatory and compliance officer at a medical device company. Your medical devices measure something (blood sugar, urine analysis, facial anomalies, you name it…). The medical device interfaces to a mobile app that provides a User Interface and transfers patient data to a cloud application using RESTful services over HTTPS. Sound familiar? […]

Refreshing your HIPAA Security Rule compliance

Clients frequently ask us questions like this. Danny, I have a quick question about our HIPAA compliance that we achieved back in early 2013. Since then we have released a couple of new software versions and we are wondering to what extent we need to perform another security and compliance assessment. Please let us know what sort of information you might […]