Archive for August, 2013

As banking transactions occur in an ever more electronic realm, regulations, monitoring, and detection solutions are required to protect consumers from privacy breaches, cyber fraud and even the faceless malice of 21st-century criminals using tools such as botnets.

What is a botnet? Microsoft provided a breakdown of where the terminology came from: “The term bot is short for robot. Criminals distribute malicious software (also known as malware) that can turn your computer into a bot (also known as a zombie). When this occurs, your computer can perform automated tasks over the Internet, without you knowing it”.

Criminals typically use bots to infect large numbers of computers. These computers form a network, or a botnet. Criminals use botnets to send out spam email messages, spread viruses, attack computers and servers, and commit other kinds of crime and fraud. If your computer becomes part of a botnet, your computer might slow down and you might inadvertently be helping criminals.

This threatening new world requires vigilance not only by banking institutions but also by consumers themselves.

The Federal Financial Institutions Examination Council (FFIEC) was formed in 1979 to create standards for the federal examination of banks, credit unions and other financial institutions. A number of agencies in the financial industry are involved with the FFIEC including the Federal Reserve System, the Federal Deposit Insurance Corporation and representatives of several state regulatory associations.

Every U.S. financial institution is regulated by a relevant federal agency which has the power to oversee entities and take action against violations of laws, rules or regulations, unsafe practices and breaches of fiduciary duty. The FFIEC’s Consumer Help Center ( http://www.ffiec.gov/consumercenter/default.aspx ) helps consumers with complaints about their financial institution find the appropriate regulatory agency.

Among its compliance reporting initiatives, the FFIEC offers interpretations, technical reporting requirements and FAQs for financial institutions explaining a veritable alphabet soup of acronyms including the HMDA (Home Mortgage Disclosure Act), the CRA (Community Reinvestment Act) and the S.A.F.E. Act (Secure and Fair Enforcement for Mortgage Licensing Act). The FFIEC website also provides financial institutions with access to a rate spread calculator, census reports and a mapping system for geocoding loans to ensure institutions are meeting legal reporting requirements.

When it comes to fighting fraud, users have protections available that they may not be using, including basic practices like using strong passwords, protecting personal information and keeping watch over personal accounts. Banking institutions that educate their consumers and correct user behavior do better at reducing and catching fraud schemes. Users, including consumers, have a responsibility to ensure the security of the overall system.

RISC Management & Consulting can help financial institutions navigate the maze of privacy rules, security regulations and reporting requirements and create consumer education programs that ensure compliance and security. RISC can assist your organization in developing priorities, creating policies and procedures, identifying timelines, and we can even carry them out for you. RISC can assist you in preparing or assessing your systems, infrastructure and practices against the FFIEC IT Handbook.

Sources:

http://www.ffiec.gov/

http://ffiec.bankinfosecurity.com/

http://www.microsoft.com/security/resources/botnet-whatis.aspx

Protecting Data Assets and Managing Risks September 23-24, 2013

Opening Keynote: Leon Rodriguez, Director, Office for Civil Rights

Featured Speakers: Joy Pritts and Jennings Aske

Two-Day Event at the Intercontinental Boston, Boston, MA

“Attendees will learn from their peers and take with them valuable, actionable lessons that will help strengthen their own privacy and security efforts.”

http://healthprivacyforum.com/

Virtual Events

Posted: August 2, 2013 by RISC in Education, Meaningful Use, News Events

Upcoming Event: August 7, 2013

Successful Path towards Achieving Meaningful Use Initiatives: A HIMSS Virtual Briefing

HIMSS is a global, cause-based, not-for-profit organization focused on better health through information technology (IT). HIMSS leads efforts to optimize health engagements and care outcomes using information technology.

HIMSS Virtual Event Synopsis: Meaningful Use will be addressed beyond Stage 1 criteria. HIMSS subject matter experts (SMEs) will discuss the tools, the guidance, and the know-how to continue on a successful path towards achieving Meaningful Use initiatives throughout 2014. During this virtual briefing, SMEs will review how to prepare for a CMS EHR Incentive audit, provide an overview of Meaningful Use Stage 2 criteria, and explain how to engage patients more effectively during the EHR adoption process, in order to ensure and realize the many benefits that can be recognized in the Meaningful Use Health IT journey.

Visit HIMSS for more information: http://www.himssvirtual.org/home/index.asp