Category: Compliance

Compliance

SOC 2: The Ultimate Guide

Overview SOC 2 was created by the American Institute of Certified Public Accountants (AICPA), a professional organization for certified public accountants in the United States.

Read More
Compliance

SOC 1 vs SOC 2 vs SOC 3

SOC (Service Organization Control) audit reports are used to assess the security and control of a service provider’s system and the services they provide to

Read More
Compliance

ISO 27001 Overview

ISO 27001 is an international Standard for the implementation of an enterprise-wide Information Security Management System (ISMS), an organized approach to maintaining confidentiality, integrity and availability (CIA) in an organization.

Read More
Compliance

GDPR: The Ultimate Guide

Overview The General Data Protection Regulation (GDPR) was introduced by the European Union (EU) to regulate the processing of personal data and to harmonize data

Read More
Compliance

HITRUST Framework: Explanation, Phases, and Components

The HITRUST CSF is a framework that normalizes security and privacy requirements for organizations, including federal legislation (e.g., HIPAA), federal agency rules and guidance (e.g., NIST), state legislation (e.g., California Consumer Privacy Act), international regulation and industry frameworks.

Read More
Compliance

HIPAA: Business Associates Explained

According to HHS, any individual or entity that performs functions or activities on behalf of a covered entity that requires the business associate to access PHI is considered a business associate.

Read More
Cloud Security

AWS HIPAA

AWS enables covered entities and their business associates subject to the U.S. Health Insurance Portability and Accountability Act of 1996 (HIPAA) to use the secure AWS environment to process, maintain, and store protected health information.

Read More
Compliance

HIPAA Security Rule summary

The Security Rule operationalizes the protections contained in the Privacy Rule by addressing the technical and non-technical safeguards that organizations called “covered entities” must put in place to secure individuals’ “electronic protected health information” (e-PHI)

Read More

13 Security Blog

Get email alerts when we publish new blog articles!