News by Professionals 4 Professionals


R.I. judiciary reviews policy barring deputy sheriffs from carrying …

Most court security staff nationwide are armed with guns, but in Rhode Island, deputy sheriffs are barred from carrying guns inside state courthouses.

Katie Mulvaney Journal Staff Writer kmulvane

PROVIDENCE, R.I. After two Superior Court appearances were quickly followed by shootings, discussions are afoot in the state judiciary about changing the policy that bars deputy sheriffs from carrying guns. One of the episodes ended in a 22-year-old man’s murder at the Chad Brown housing complex minutes after he attended an arraignment. The other resulted in a brazen midday shooting in downtown Providence, just a block from the courthouse, leaving a Pawtucket man seriously injured and courthouse staff shaken. The incidents have sparked renewed discussion about the courts’ gun policy.

“It’s something we talk about with the judiciary. … We want to be proactive,” said state police Lt. Col. Kevin M. Barry, commanding officer of the Department of Public Safety, which oversees the Division of Sheriffs and the Capitol Police.

The issue is under review by state Supreme Court Chief Justice Paul A. Suttell and the other state court chiefs following a recent meeting with state police Col. Ann Assumpico, Barry, and the Rhode Island Police Chiefs Association board, Supreme Court administrator J. Joseph Baxter Jr. said last week. Baxter emphasized that the violence did not occur inside a courthouse.

“At no instance has it been a breach of courthouse security,” he said. “Our main objective is to be able to maintain a safe venue for people to have their disputes heard. Obviously, the sheriffs and the Capitol Police are an integral part.”

“We’re of a similar mindset. It’s worthy of discussion,” Barry said of the police chiefs’ association, whose leadership declined comment. Sheriffs provide courtroom security, transport defendants to and from prison, and stand watch over juries. As things stand, deputies’ guns are secured in strategic locations in courthouses for retrieval if needed.

Barry noted concerns about suspects potentially seizing weapons from sheriffs, but said holster improvements now make it difficult for a weapon to be removed. Even so, Baxter wondered: “By allowing weapons in, would they get in the hands of the wrong person?”

The no-weapons policy has been in place since 2003, when then Supreme Court Chief Justice Frank J. William issued an executive order barring anyone, other than the Capitol Police, from carrying any weapons in courthouses. The order came after a security review of state courts by the U.S. Marshals Service. Before that, police could carry guns in the courts, and each high sheriff set a different weapons policy for that county s courthouse, according to Craig Berke, courts spokesman.

Capitol Police, who carry guns, screen all visitors before they enter courthouses. Staff and lawyers swipe in via a card key, but are not screened. Law enforcement officers sign in and check their guns. Since 2015, some deputy sheriffs have carried Tasers in addition to batons, pepper spray and handcuffs. The Tasers deliver a jolt of electricity that incapacitates by disrupting muscle control. Sixty-four sheriffs now carry Tasers, adding a layer of protection, Baxter said. Perimeter security remains a concern, Baxter said, as cuts in the ranks of sheriffs over the past few years have “decimated” the division’s ability to extend coverage beyond the courthouses. Currently, there are 179 deputy sheriffs, with 17 added last fall from the latest graduating training-academy class.

“It all goes back to manpower,” Baxter said. “They do a fine job. There aren’t enough of them.”

Due to the shortage, the judiciary has suspended school tours and occasionally has to close courtrooms, he said. In the meantime, state police plan to work with the Providence Police Department to boost security outside the courthouses, particularly during known gang trials or court appearances by gang associates, Barry said. “We’re going to put some more presence outside.”

An analyst with the National Center for State Courts said Rhode Island is unique among the states in that the judiciary has broad power to determine what weapons law enforcement personnel can carry in the courts. Most court security staff nationwide are armed with guns, as dictated by state laws. By the numbers

Sheriffs Division Budget 2017: $18.2 million

Sheriffs: 179

Sheriffs carrying Tasers: 64

Sources: Rhode Island state budget; Supreme Court administrator J. Joseph Baxter Jr.

[email protected]

(401) 277-7417

On Twitter: @kmulvane

What healthcare organizations need to hear from their CISOs

After nearly eight years as chief information security officer at Temple Health University Health System, Mitch Parker last September joined Indiana University Health. There, he told executives what he had told his team at Temple cyber threats are not an information technology department problem but a security problem. CISOs who are new to an organization need to stress the challenges that cyber threats represent and the adequacy, or lack thereof, of current security procedures, Parker said Sunday during a presentation at HIMSS17. That starts with educating other executives about breaches why they occur in the first place, the importance of discussing the technology behind breaches, but most importantly, the processes and failures that cause breaches.

What Healthcare Organizations Need To Hear From Their CISOs Mitch Parker

CISOs should talk about the cyber environment using non-biased sources from firms such as Gartner, Ponemon and health insurers to report to colleagues on trends and emerging threats. And they need to insist that the organization join cyber threat sharing initiatives across their region and the industry.

Also See: 4 reasons to prioritize cloud security this year[1]

Information security must be tied to two enterprise levels information systems and the organization strategy, Parker stressed. Metrics need to focus on augmenting and supporting the overall strategy, he adds. Parker suggested adopting the Lean methodology for improving security performance, as the program is all about process improvements and asking why less than optimal processes continue to exist. And employees responsible for information security, regardless of where in the organization, should be told that they need to understand Lean. Further, Lean should be used to design and maintain systems covering business customers, enterprise architecture, legal contracting, compliance, supply chain and enterprise risk scoring, making sure that various teams are on the same page with security.

This is grunt work, Parker warned: You can t buy your way into this.

Also See: 10 lessons learned from 2016 s biggest data breaches[2]

If an organization decides to purchase cyber insurance, it must understand the need to complete a comprehensive risk assessment that includes pointed questions to determine the strength of the security program. Not only are insurers looking for that assessment, but so also is the HHS Office for Civil Rights, which enforces the HIPAA privacy, security and breach notification rules. Good information security, Parker said, has its hooks in clinical risk management, insurance, emergency preparedness, privacy, corporate compliance, supply chain, revenue cycle, information management and Joint Commission requirements, among others. To be successful with this laundry list, an organization must embrace change management in an overall enterprise model, Parker advised. If one player says, I do my own change management, it won t work. Either there s one change management program or there s none.


  1. ^ 4 reasons to prioritize cloud security this year (
  2. ^ 10 lessons learned from 2016 s biggest data breaches (

CompliancePoint Expands Its Healthcare Information Security …

CompliancePoint can help organizations earn HITRUST certification, the most widely recognized security certification in the healthcare industry.

ATLANTA, GA (PRWEB) February 20, 2017

CompliancePoint[1]‘s Information Security practice group, a provider of information security assessment and compliance services, is proud to announce its designation as a HITRUST CSF Assessor by the Health Information Trust Alliance[2] (HITRUST). With this achievement, CompliacePoint is now approved to provide services using the HITRUST CSF, a comprehensive security framework that addresses the multitude of security, privacy and regulatory challenges facing healthcare organizations in order to comply with healthcare (HIPAA, HITECH), third-party (PCI, COBIT) and government (NIST, FTC) regulations and standards.

CSF Assessors are critical to helping uphold information security and privacy standards for the healthcare industry and a core component of the HITRUST CSF program by providing trained resources to healthcare organizations of varying size and complexity to assess compliance with security control requirements and document corrective action plans that align with the CSF. As a CSF Assessor, CompliancePoint serves as a key component of the program by providing its assessment and remediation services.

“The information security landscape is constantly evolving and healthcare organizations face a variety of challenges related to data security and patient privacy,” said Greg Sparrow, Vice President & General Manager of CompliancePoint’s Information Security practice. “We are delighted to be a part of the HITRUST program and be able to help our clients earn the most widely recognized security certification in the healthcare industry.”

“We are pleased to have CompliancePoint as a CSF Assessor[3] to help healthcare organizations with the process of adopting and utilizing the CSF’s requirements and give their customers confidence in the protection of their information,” said Ken Vander Wal, Chief Compliance Officer, HITRUST. “The company’s long-standing expertise and leadership in health IT privacy and security solutions make it a perfect addition to our program.”


About CompliancePoint
CompliancePoint delivers the governance, protections and assurances organizations need to succeed in an interconnected and data-driven world. CompliancePoint’s Information Security practice group helps organizations manage risk by providing compliance assessment, cyber security, and managed security services. CompliancePoint also offers these services for a wide range of industry and regulatory standards such as PCI DSS, HIPAA/HITECH, HITRUST, SSAE SOC, ISO 27001, FISMA/NIST, FedRamp. For more information, visit[4] or call (855) 670-8780.

For the original version on PRWeb visit:[5]


  1. ^ CompliancePoint (
  2. ^ Health Information Trust Alliance (
  3. ^ CSF Assessor (
  4. ^ (
  5. ^ (
1 2 3 711