<img src="https://secure.leadforensics.com/85060.png" style="display:none;">

How do you reduce the impact of residual risks?

Before writing this blog post about residual risk, I thought about how this topic translates into my own life. According to ISO 27001, residual risk is "the risk remaining after risk treatment." In other words, once risks have been identified and treated, what are the remaining risks? And, importantly, is the business willing to accept that level of risk or not?

Topics: 2018.10 redesign

Does HIPAA apply to the risk and insurance industry?

It has been 16 years since HIPAA legislation was signed into law by President Clinton. In early 2010, the HITECH act was enacted, expanding on the original HIPAA regulations. While these regulations may appear on the surface to apply only to the health and medical industries, the risk and insurance industry may in fact be subject to HIPAA legislation.

Topics: best practices