Rebecca Herold – författare

Many Smart Grid books include "privacy" in their title, but only touch on privacy, with most of the discussion focusing on cybersecurity. Filling this knowledge gap, Data Privacy for the Smart Grid provides a clear description of the Smart Grid ecosystem, presents practical guidance about its privacy risks, and details the actions required to protect data generated by Smart Grid technologies. It addresses privacy in electric, natural gas, and water grids and supplies two different perspectives of the topic—one from a Smart Grid expert and another from a privacy and information security expert.The authors have extensive experience with utilities and leading the U.S. government’s National Institute of Standards and Technologies (NIST) Cyber Security Working Group (CSWG)/Smart Grid Interoperability Group (SGIP) Privacy Subgroup. This comprehensive book is understandable for all those involved in the Smart Grid. The authors detail the facts about Smart Grid privacy so readers can separate truth from myth about Smart Grid privacy. While considering privacy in the Smart Grid, the book also examines the data created by Smart Grid technologies and machine-to-machine (M2M) applications and associated legal issues. The text details guidelines based on the Organization for Economic Cooperation and Development Privacy Guidelines and the U.S. Federal Trade Commission Fair Information Practices. It includes privacy training recommendations and references to additional Smart Grid privacy resources.After reading the book, readers will be prepared to develop informed opinions, establish fact-based decisions, make meaningful contributions to Smart Grid legislation and policies, and to build technologies to preserve and protect privacy. Policy makers; Smart Grid and M2M product and service developers; utility customer and privacy resources; and other service providers and resources are primary beneficiaries of the information provided in

Today, more than ever, organizations have to cope with increased concerns regarding privacy issues. These concerns are not limited to consumer fears about how information collected by Web sites will be used or misused. They also involve broader issues, including data collected for direct response marketing, privacy of financial and health records, identity theft, and fraud. Employees are raising questions about acceptable use of phones, e-mail, the Web, and if and when employers can monitor use. Employers find that without policies governing use of these assets, they have no legal basis for action against employees.The Privacy Papers: Managing Technology, Consumer, Employee, and Legislative Actions is a book for C-level executives, IT managers, HR managers, security officers, privacy officers, and legal professionals. It covers all aspects of technology and legislation that enable privacy and also those that place it at risk. This how-to guide presents sample policies for employee training, awareness, and acceptable use; covers why companies must protect data and how to do it; describes the technology that makes information more private; and lists and summarizes major federal and international privacy legislation.Corporate espionage can put sensitive company information such as intellectual property, product development, marketing plans, and customer files at risk. With the ever-increasing legislation concerning privacy, it is important for executives to stay up to date. The Privacy Papers will ensure that any company conducting business domestically or internationally will understand how policies governing use of their assets will affect daily operations.

Following in the footsteps of its bestselling predecessor, The Practical Guide to HIPAA Privacy and Security Compliance, Second Edition is a one-stop, up-to-date resource on Health Insurance Portability and Accountability Act (HIPAA) privacy and security, including details on the HITECH Act, the 2013 Omnibus Rule, and the pending rules. Updated and revised with several new sections, this edition defines what HIPAA is, what it requires, and what you need to do to achieve compliance. The book provides an easy-to-understand overview of HIPAA privacy and security rules and compliance tasks. Supplying authoritative insights into real-world HIPAA privacy and security issues, it summarizes the analysis, training, and technology needed to properly plan and implement privacy and security policies, training, and an overall program to manage information risks. Instead of focusing on technical jargon, the book spells out what your organization must do to achieve and maintain compliance requirements on an ongoing basis.

Charged with ensuring the confidentiality, integrity, availability, and delivery of all forms of an entity's information, Information Assurance (IA) professionals require a fundamental understanding of a wide range of specializations, including digital forensics, fraud examination, systems engineering, security risk management, privacy, and compliance. Establishing this understanding and keeping it up to date requires a resource with coverage as diverse as the field it covers. Filling this need, the Encyclopedia of Information Assurance presents an up-to-date collection of peer-reviewed articles and references written by authorities in their fields. From risk management and privacy to auditing and compliance, the encyclopedia’s four volumes provide comprehensive coverage of the key topics related to information assurance. This complete IA resource: Supplies the understanding needed to help prevent the misuse of sensitive informationExplains how to maintain the integrity of critical systemsDetails effective tools, techniques, and methods for protecting personal and corporate data against the latest threatsProvides valuable examples, case studies, and discussions on how to address common and emerging IA challengesPlacing the wisdom of leading researchers and practitioners at your fingertips, this authoritative reference provides the knowledge and insight needed to avoid common pitfalls and stay one step ahead of evolving threats.Also Available OnlineThis Taylor & Francis encyclopedia is also available through online subscription, offering a variety of extra benefits for researchers, students, and librarians, including:Citation tracking and alertsActive reference linkingSaved searches and marked listsHTML and PDF format optionsContact Taylor and Francis for more information or to inquire about subscription options and print/online combination packages.US: (Tel) 1.888.318.2367; (E-mail) e-reference@taylorandfrancis.comInternational: (Tel) +44 (0) 20 7017 6062; (E-mail) online.sales@tandf.co.uk

Starting with the inception of an education program and progressing through its development, implementation, delivery, and evaluation, Managing an Information Security and Privacy Awareness and Training Program, Second Edition provides authoritative coverage of nearly everything needed to create an effective training program that is compliant with applicable laws, regulations, and policies. Written by Rebecca Herold, a well-respected information security and privacy expert named one of the "Best Privacy Advisers in the World" multiple times by Computerworld magazine as well as a "Top 13 Influencer in IT Security" by IT Security Magazine, the text supplies a proven framework for creating an awareness and training program. It also: Lists the laws and associated excerpts of the specific passages that require training and awarenessContains a plethora of forms, examples, and samples in the book’s 22 appendicesHighlights common mistakes that many organizations make Directs readers to additional resources for more specialized informationIncludes 250 awareness activities ideas and 42 helpful tips for trainersComplete with case studies and examples from a range of businesses and industries, this all-in-one resource provides the holistic and practical understanding needed to identify and implement the training and awareness methods best suited to, and most effective for, your organization. Praise for:The first edition was outstanding. The new second edition is even better ... the definitive and indispensable guide for information security and privacy awareness and training professionals, worth every cent. As with the first edition, we recommend it unreservedly..—NoticeBored.com

Following in the footsteps of its bestselling predecessor, The Practical Guide to HIPAA Privacy and Security Compliance, Second Edition is a one-stop, up-to-date resource on Health Insurance Portability and Accountability Act (HIPAA) privacy and security, including details on the HITECH Act, the 2013 Omnibus Rule, and the pending rules. Updated and revised with several new sections, this edition defines what HIPAA is, what it requires, and what you need to do to achieve compliance. The book provides an easy-to-understand overview of HIPAA privacy and security rules and compliance tasks. Supplying authoritative insights into real-world HIPAA privacy and security issues, it summarizes the analysis, training, and technology needed to properly plan and implement privacy and security policies, training, and an overall program to manage information risks. Instead of focusing on technical jargon, the book spells out what your organization must do to achieve and maintain compliance requirements on an ongoing basis.