This article is part of an Essential Guide, our editor-selected collection of our best articles, videos and other content on this topic. Explore more in this guide:
5. - Your questions answered: Read more in this section
- Mike Chapple, Enterprise Compliance
- Joseph Granneman, security management
Explore other sections in this guide:
Joseph Granneman is SearchSecurity.com's resident expert on information security management (click the tab "Ask a question" tab above to submit your question for Joe). He has more than 20 years of technology experience, primarily focused in health care information technology.
He is an active independent author and presenter in the health care information technology and information security fields. He is frequently consulted by the media and interviewed on various health care information technology and security topics. He has been focused on compliance and information security in cloud environments for the past decade with many different implementations in the medical and financial services industries.
Granneman has been active in many standards groups, including the developing the early frameworks for Health Information Exchange as part of the Health Information Security and Privacy Security Working Group for Illinois. He was also a volunteer for Certification Commission for Health Information Technology (CCHIT) Security Working Group, which developed the information security standards for ARRA certification of electronic medical records. He is currently a member of the Metropolitan Chicago Healthcare Council HIE Planning & Technology committee. He also continues to be involved in InfaGard and the Chicago Electronic Crimes Task Force. Granneman has a BS in Music Business from Millikin University and an MBA from Northern Illinois University.
Do you have a question for our experts?
Contributions from Joseph Granneman, security management
- How the Affordable Care Act impacts information security
- Three ways CISOs can make security a priority for the C-suite
- How to avoid being a statistic in the 2014 Verizon DBIR
- Can the RACI matrix assess human-related risk?
- Introduction to the MEHARI risk management framework
- What to take from Department of Defense mobile device guidelines
- FEMA's National Mitigation Framework and disaster preparedness
- Do the NSA leaks change how corporate data is defended?
- To successfully fill the CISO role, focus on winning influence
- Can enterprises still store encryption keys in the cloud?
- How to measure security vendors' promises versus enterprise needs
- Security certification training: How to select the right program
- How much attention do insider threats actually warrant?
- Choosing the right IT security framework
- Decoding the mysteries of steganography
- Talking to execs: How to make a good first impression
- Best practices for choosing security software products
- The best way to study for the CISSP certification exam
- CASP certification: A mile wide and an inch deep
- Making sense of information security threat reports