Obtaining a SOC 2 report requires an investment of both time and money for a service organization and, at some point, might seem like more work than it’s worth. However, the advantages to obtaining a SOC 2 report far outweigh the initial investment.
Tag: Risk
HIPAA Gap Analysis: Critical & Recent Compliance Gaps You Need to Know
Healthcare providers, payers, exchanges, and many service providers to the healthcare industry are under increased pressure to demonstrate their compliance with the security and privacy requirements of HIPAA.
Information Security Risk Management: A Comprehensive Guide
Some people may not believe this, but information security’s purpose is, or should be, to serve the business and help the company understand and manage its overall risk. Sure, there are some security professionals that appear to have the goal of spending as much money as possible and getting the latest and greatest software, and there are also some that like to say “no”…for everything…all the time, but the good ones are there to help.
The 10 Generally Accepted Privacy Principles
The ten generally accepted privacy principles that are essential to the proper protection and management of personal information are:
HIPAA Record Retention Requirements: How Long Should We Retain ePHI Data?
One of the areas we are required to evaluate on every HIPAA audit or compliance assessment is whether our client is compliant with HIPAA’s record retention requirements.
Increased Need for Information Security Governance
Recent breaches highlight the need for increased information security governance.
So Many Terms…What Do They All Mean?
It is easy to feel overwhelmed by all of the terminology surrounding an audit. Here is a list of frequently used terms and their meanings: