Sara Kassabian

Sara manages communication and content marketing for TrueVault.
Recent Posts

What happens after a data breach?

by Sara Kassabian January 17, 2019

If your company aligns its data processing activities with the principles of privacy by design, the likelihood of a data breach happening is less than if you don’t adhere to these principles. However, in the event a data breach does occur, the penalties under the General Data Protection Regulation (GDPR or “The Regulation”) are harsh. In this fourth blog, we unpack the consequences facing businesses that experience a data breach.

Privacy by design: Key philosophy of GDPR

by Sara Kassabian January 16, 2019

This is the third in a series of blog posts that summarize some of the key concepts of the European Union’s new General Data Protection Regulation (GDPR or “the Regulation”). Our previous posts answered two frequently asked questions: What is GDPR? and Does my business need to be GDPR compliant?. In this next blog post, we unpack one of the key principles of the Regulation — privacy by design.

Does GDPR apply to my company?

by Sara Kassabian January 15, 2019

The first blog post in our series introduced some of the fundamental concepts of GDPR. In this second blog post, we answer a question that many business owners are asking: how do I know if my business needs to be GDPR compliant?

Introduction to GDPR

by Sara Kassabian January 14, 2019

The scope of the European Union’s new General Data Protection Regulation (GDPR) is far-reaching, and has turned lives upside down for many businesses that are sustained by collecting personal data from consumers.

Inside the Vault: Searching and Fetching Data

by Sara Kassabian December 4, 2018

Virtually any business that works in the healthcare space will be accessing and managing health information. If personally identifiable information (PII) is linked with medical information, that data is considered protected health information (PHI), a special class of data that must be secured according to HIPAA standards. But building a HIPAA-compliant application requires expert knowledge in engineering for security as well as the law itself. There are few small businesses that have the...

Inside the Vault: How data flows in TrueVault

by Sara Kassabian November 20, 2018

Virtually any business that works in the healthcare space will be accessing and managing health information. If personally identifiable information (PII) is linked with medical information, that data is considered protected health information (PHI), a special class of data that must be secured according to HIPAA standards. But building a HIPAA-compliant application requires expert knowledge in engineering for security as well as the law itself. There are few small businesses that have the...

Will the midterms impact tech?

by Sara Kassabian November 13, 2018

There are few issues that garner bipartisan consensus among United States lawmakers these days, but a desire to regulate Silicon Valley has proponents on both sides of the aisle. Naturally, the priorities and means for regulation differ largely according to a lawmaker’s constituents and region, political priorities and political party.

Is antivirus software good or bad?

by Sara Kassabian November 6, 2018

Everyone remembers working on the home desktop and seeing the alert pop-up in the right-hand corner of your screen: time to upgrade your (Name Brand) antivirus software. Clicking it takes you to a web page where the company tries to upsell you on the latest enhancements to their product. Today, antivirus software (AV) or more precisely, antimalware software, is more sophisticated, and some security experts will say, begrudgingly, that tools like Windows Defender are “mostly good enough” for...

What's the difference between PII and personal data?

by Sara Kassabian October 30, 2018

The two data protection regulations that TrueVault technology helps companies comply with are the Health Insurance Portability and Accountability Act (HIPAA) and the General Data Protection Regulation (GDPR). Both HIPAA and GDPR introduce distinct but related concepts surrounding what information counts as “personal”. In this blog, we clarify and untangle these definitions.

Explaining Business Associate Agreements

by Sara Kassabian October 23, 2018

If your business is exploring opportunities in the healthcare industry, chances are you will be working with health information that contains identifying details, also known as protected health information (PHI).

How does data de-identification work?

by Sara Kassabian October 16, 2018

Previously, we answered a commonly asked question: What constitutes protected health information (PHI)? This time, we take our series a step further, and explain how de-identifying PHI will allow your business to work with health behavior data without liability.

What is PHI?

by Sara Kassabian October 9, 2018

Last week, we broke down the working definitions of personally identifiable information (PII) as it applies to laws like GDPR and CCPA. But there are laws that extend even further beyond regulating how businesses can collect and store personally identifiable information (PII) when health information is involved.

What is personally identifiable information (PII)?

by Sara Kassabian October 2, 2018

TrueVault is in the business of protecting personally identifiable information (PII) collected on behalf of your company. PII is different from other types of data, and by storing PII in our SecureVault, we limit the legal liability for businesses that interact with this sensitive data.

Comparing TrueVault and HIPAA Compliant Hosting Services

by Sara Kassabian September 25, 2018

Clients ask us a lot: What is the difference between TrueVault and HIPAA compliant hosts, such as Amazon Web Services (AWS)? The answer really comes down to risk. If you’re looking for a ready-made solution to HIPAA compliance, use TrueVault. If you’re confident in your ability to build from scratch a secure and lawful platform that can store protected health information (PHI) — essentially, build your own version of TrueVault — then you’ll start with a HIPAA compliant host, such as AWS.
