202 Matching Annotations
  1. May 2024
    1. Identify, prioritize, and resolve dependency risk Once dependencies are identified, Black Duck Security Advisories enable teams to evaluate them for associated risk, and guides prioritization and remediation efforts. Is it secure? Receive alerts for existing and newly discovered vulnerabilities, along with enhanced security data to evaluate exposure and plan remediation efforts. Is it trustworthy? Perform a post-build analysis on artifacts to detect the presence of malware, such as known malicious packages or suspicious files and file structures, as well as digital signatures, security mitigations, and sensitive information. Is it compliant? For every component identified, Black Duck SCA provides insights into license obligations and attribution requirements to reduce risk to intellectual property. Is it high quality? Black Duck SCA provides metrics that teams use to evaluate the health, history, community support, and reputation of a project, so that they can be proactive in their risk mitigation process.
    2. Black Duck® software composition analysis (SCA) helps teams manage the security, quality, and license compliance risks that come from the use of open source and third-party code in applications and containers.
  2. Sep 2023
    1. To build HIPAA compliant software, developers need to be aware of and comply with several key requirements outlined in the HIPAA Privacy Rule and Security Rule. These requirements are designed to ensure the confidentiality, integrity, and availability of protected health information (PHI) and to prevent unauthorized access, use, or disclosure of PHI.

      Building software compliant with HIPAA standards necessitates a deep understanding of its Privacy and Security Rules to safeguard protected health information effectively.

  3. May 2023
    1. This ensures that GetResponse and our customers comply with Anti-Spam laws.

      IMHO, the customer should be able to opt out of this automatic adding if they want more/full control over the footer. Then they can take on the responsibility themselves.

  4. Feb 2023
    1. How digital solutions improve regulatory compliance: Facility documentation

      As healthcare regulations become increasingly complex, digital solutions are becoming essential tools for compliance. This recent blog post provides a comprehensive overview of how technology can streamline compliance tasks, reduce errors, and improve patient safety.

  5. Dec 2022
    1. For compliance reasons, you will not be able to see contacts who submit spam complaints in your exclusion list.  We do not offer the ability to export a list of spam complaints from FBLs at the moment. This is also for compliance. 

      "For compliance reasons". That's pretty vague. Compliance with what?

    1. Information is blocked from going outside the organization when data is not supposed to leave the tenant boundary for compliance purposes (for example, in U.S. Government organizations: Microsoft 365 GCC, GCC High, and DoD). Reporting a message or file to Microsoft from one of these organizations will have the following message in the result details: Further investigation needed. Your tenant does not allow data to leave the environment, so we could not find anything with an initial scan. You'll need to contact Microsoft support to have this item reviewed.

      seemingly contradictory:

      You'll need to contact Microsoft support to have this item reviewed. But they already tried to report it to Microsoft and it was blocked? What form of contacting Microsoft support is expected to be used and how is it better? Won't any form of "having this item reviewed" cause it to leave the boundary and go outside the organization?

  6. Aug 2022
    1. ReconfigBehSci. (2021, November 26). Parts of Germany seem to have potentially introduced requirements that cannot practically be met as testing capacity is proving insufficient—A dangerous moment for rule compliance Nadelöhr Corona-Tests: “Es ist Wahnsinn” via @sz https://t.co/meLS79RTCw [Tweet]. @SciBeh. https://twitter.com/SciBeh/status/1464287412289511432

  7. Apr 2022
  8. Mar 2022
  9. Feb 2022
  10. Jan 2022
    1. ReconfigBehSci. (2022, January 9). Just a thought on this and the general vaccine mandate debate. As a behavioural scientist currently stuck in Germany where this is a live debate, it strikes me that the thoughts below address only part of the population: Those not currently vaccinated. But what about ... 1/2 [Tweet]. @SciBeh. https://twitter.com/SciBeh/status/1480213148032450565

  11. Dec 2021
    1. Efforts to clarify and disseminatethe differences between “privacy as advocacy” (e.g.,privacy is a fundamental right; privacy is an ethicalnorm) and “privacy as compliance” (e.g., ensuringprivacy policies and laws are followed; privacyprograms train, monitor, and measure adherence torules) help frame conversations and set expectations.

      This is an interesting distinction... privacy-because-it-is-the-right-thing-to-do versus privacy-because-you-must. I think the latter is where most institutions are today. It will take a lot more education to get institutions to the former.

  12. Nov 2021
    1. Is Agile/SCRUM Modern Slavery? https://en.itpedia.nl/2021/11/30/is-agile-scrum-moderne-slavernij/ What do you say Modern Slavery? Yes, when I first read the Agile Manifesto, I felt an unease. Especially when I also read the 12 accompanying principles. I realize that I am making extreme statements in this article, but they are intended as a mirror and to reflect for ourselves what we are actually doing.

  13. Oct 2021
  14. Sep 2021
    1. 2015, c. 36, s. 172

      Economic Action Plan 2015 Act, No. 1, SC 2015, c 36, https://canlii.ca/t/52m2b, s. 172, amends IRPA s. 32(d.5) to say:

      (d.5) the requirement for an employer to provide a prescribed person with prescribed information in relation to a foreign national’s authorization to work in Canada for the employer;

      Previously it had said:

      (d.5) the requirement for an employer to provide a prescribed person with prescribed information in relation to a foreign national’s authorization to work in Canada for the employer, the electronic system by which that information must be provided, the circumstances in which that information may be provided by other means and those other means;

  15. May 2021
  16. Apr 2021
  17. Mar 2021
  18. Feb 2021
  19. Jan 2021
  20. Dec 2020
  21. Nov 2020
  22. Oct 2020
  23. Sep 2020
    1. Leuker, C., Hertwig, R., Gumenik, K., Eggeling, L. M., Hechtlinger, S., Kozyreva, A., Samaan, L., & Fleischhut, N. (2020). Wie informiert sich die Bevölkerung in Deutschland rund um das Coronavirus? Umfrage zu vorherrschenden Themen und Gründen, dem Umgang mit Fehlinformationen, sowie der Risikowahrnehmung und dem Wissen der Bevölkerung rund um das Coronavirus (Version 5, p. 966670) [Application/pdf]. Max-Planck-Institut für Bildungsforschung. https://doi.org/10.17617/2.3247925

  24. Aug 2020