Import/export controls
Import/export controls: Import/export controls refer to regulations and compliance measures applied to the cross-border transfer of sensitive technologies, including dual-use items, military goods, encryption software, and other cybersecurity-related tools. These controls are designed to prevent items from being used for purposes that could threaten national security or interests.
Identity Assurance Levels (IALs)
Identity Assurance Levels (IALs): Levels of assurance used to evaluate the trustworthiness of an individual’s claimed identity. IALs are used in online identity verification processes to determine the level of access an individual should be granted. Examples include IAL1 (lowest level of assurance) and IAL3 (highest level of assurance). IALs also relate to the methods […]
Health Information Technology for Economic and Clinical Health Act (HITECH Act) (US)
Health Information Technology for Economic and Clinical Health Act (HITECH Act) (US): A US law enacted as part of the American Recovery and Reinvestment Act of 2009. The act promotes the adoption and meaningful use of health information technology, specifically electronic health records. One of its significant aspects related to security is that it expands […]
Health Insurance Portability and Accountability Act (HIPAA) (US)
Health Insurance Portability and Accountability Act (HIPAA) (US): A US law passed in 1996 that sets standards for the protection of certain health information. The Privacy Rule, a key component of HIPAA, protects the privacy of individually identifiable health information, and the Security Rule, another key component, sets national standards for the security of electronically […]
Hearsay evidence
Hearsay evidence: Any statement made outside of the courtroom that is presented in court to prove the truth of the matter asserted. In cybersecurity, it may refer to a third-party report or statement about a cyber incident, attack, or vulnerability. This evidence is typically inadmissible in court due to its unverifiable nature, except under specific […]
HITRUST (Health Information Trust Alliance)
HITRUST (Health Information Trust Alliance): A common security framework used in the healthcare industry to ensure the privacy and security of electronic protected health information (ePHI). It is used by healthcare organizations to assess and mitigate risks to ePHI and to meet regulatory requirements. Examples of organizations using HITRUST include hospitals, clinics, and insurance companies.