Compliance Standards Archives

Soc 2 Auditing Guide

by RSI Security January 10, 2020January 14, 2020

Data is growing faster than it ever has before. But it is starting to become the biggest risk of every organization. The convenience and collaboration of using data stores in the cloud means that companies and hackers have more information and more access to it by design.

January 10, 2020January 14, 2020 0 comment

How The Healthcare Industry Can Improve Their IT Security

by RSI Security January 7, 2020January 8, 2020

written by RSI Security

The healthcare industry has come a long way in improving patient care. Lifesaving instruments such as pacemakers and insulin pumps are now combined with connectivity. Remote monitoring by a health professional can track dramatic spikes in a patient’s heart rhythms. An alert is then sent to a physician for preventative measures. It’s a lot better than repairing damage after the fact.

January 7, 2020January 8, 2020 0 comment

California Consumer Privacy Act (CCPA)

Consumer Rights Under CCPA: What You Need to Know

by RSI Security January 6, 2020January 7, 2020

written by RSI Security

Is your business ready for the California Consumer Privacy Act (CCPA)? If you handle consumers’ personal information, resolve to get in compliance before it’s too late. Starting January 1, 2020 consumers are going to be entitled to protection from companies selling personal information to other third-party companies without their knowledge. They are also going to be entitled to relief from wrongful sharing of their personal information, whether or not it was leaked on purpose. Read on to find out what these new protections are and what you can do about them to reduce your liability.

January 6, 2020January 7, 2020 0 comment

HIPAA / Healthcare Industry PCI DSS

What’s The Difference Between HIPAA And PCI Compliance?

by RSI Security December 31, 2019January 14, 2020

written by RSI Security

“PCI” stands for “payment card industry,” commonly associated with the longer-named Payment Card Industry Data Security Standard (PCI DSS). This is a set of rules that outlines the accepted security standards for credit and debit cards, whether they’re used online or in person.

December 31, 2019January 14, 2020 0 comment

HITRUST

Should My Company Become A HITRUST Assessor?

by RSI Security December 30, 2019December 31, 2019

written by RSI Security

Companies that broadly occupy the security space might consider a new service they could offer at the intersection of healthcare and cybersecurity: becoming a HITRUST assessor.

All kinds of personal data already lives online, but now we’re faced with medical categories of data being usefully stored there as well. And the cynics and realists alike know that anything stored online is fundamentally vulnerable to cyber attacks

December 30, 2019December 31, 2019 0 comment

HITRUST

How To Prepare For A HITRUST Audit ?

by RSI Security December 27, 2019December 31, 2019

written by RSI Security

Healthcare organizations pursue HITRUST certification because they want to demonstrate productive forward motion on cybersecurity mindfulness. A mark of HITRUST compliance means that a business has taken steps to interrogate its technological infrastructure for flaws and potential improvements.

December 27, 2019December 31, 2019 0 comment

SOC 2

Everything You Need to Know About Service Organization Control Reporting

by RSI Security December 23, 2019December 24, 2019

written by RSI Security

System and Organization Controls (SOC) reports are an essential method for service organizations to build trust and confidence in software and service delivery processes and controls that protect information and systems against risks, including unauthorized access and damage to systems. The SOC report framework, previously referred to as Service Organization Controls, was developed by the American Institute of Certified Public Accounts (AICPA) to be managed by independent third party certified public accountants (CPAs).

December 23, 2019December 24, 2019 0 comment

PCI DSS

Does PCI Compliance Apply to Payment Facilitators?

by RSI Security December 13, 2019January 14, 2020

written by RSI Security

The last thing anyone wants is to become a victim of fraud. Losing hard-earned money to a nefarious or ill-equipped website is still a fear for many Americans. In fact, in a survey on fraud in online shopping conducted by Paysafe, a leading global payments provider, researchers found that 59 percent of Americans believe fraud to be an inevitable part of online shopping.

Certainly then, ensuring customers feel secure when making any payments using credit cards is crucial to company success. Another survey on security measures conducted by Lost in Translation indicated that 71 percent of consumers are “open to the introduction of more secure payment processes such as two-factor authentication.”

December 13, 2019January 14, 2020 0 comment

HIPAA / Healthcare Industry IT Security & Cybersecurity Awareness Training

What Your HR Team Needs to Know About HIPAA?

by RSI Security December 9, 2019December 18, 2019

written by RSI Security

When it was first created, the Health Insurance Portability and Accountability [HIPAA] Act was enacted in order to safeguard a patient’s protected health information [PHI]. Over the years, the policy has evolved so that both covered entities and business associates are beholden to the rules and regulations mandated via HIPAA. However, even the businesses outside of that specific purview should be aware of HIPAA’s rules and act in accordance, particularly since all employers will possess at least some employee PHI.

Violations of HIPAA can result in serious legal ramifications to both your business and any employees who are found guilty of such breaches. Therefore, it’s essential that your HR team is trained in HIPAA compliance procedures and protocols, especially if you’re a covered entity or business associate. Below, we’ll discuss everything you need to know about HIPAA and HIPAA training for HR professionals.

December 9, 2019December 18, 2019 0 comment