When an organization applies to become ISO 27001 certified, they are audited by a third-party external agency to ensure that its ISMS is aligned with the most current security requirements listed by ISO 27001. Usually, it is a Lead Auditor who heads these audits. During the audit, the lead auditor reviews the evidence produced and…
A CDC report states, ‘the number of telehealth service providers in the United States went up by 154% in 2020 compared to 2019’. This radical spike kept climbing even after the COVID-19 pandemic. Large volumes of medical data were transmitted over electronic mediums in this period alone. With this unexpected influx of ePHI (e- Protected…
You are here because somewhere in your business improvement plan because your business prospects specifically asked you for your SOC 2 certification. For a cloud hosted company processing sensitive customer data, this is not uncommon and a major sales unblocker. But in order to be certified, you should understand the nitty gritties of the process. …
If you’re in the healthcare industry, it’s important that you pay attention to the Health Insurance Portability and Accountability Act (HIPAA) because breaking its rules could land you in some serious trouble. You’re looking at hefty fines, at the very least. The more serious cases can lead to prison sentences. The Department of Health and…
The ISO 27001 certification process typically requires gaining familiarity with the standard, diligent planning, committed implementation, and ongoing maintenance. The readiness and existing processes of the organization determine the complexity of each of these steps. For first-time certification seekers becoming audit-ready and dealing with the back and forth with the auditor after the initial audit…
The Payment Card Industry Data Security Standards (PCI DSS) is a compliance framework that requires any organization processing card transactions or accepting payments via POS (Point Of Sale) and non-POS channels to follow specific requirements to ensure data integrity of the cardholder data against hackers and data breaches. The PCI DSS compliance process is both…
End of content
End of content