Compliance Standards Archives

Top PCI Compliance Security Challenges

by RSI Security January 21, 2022January 25, 2022

The Payment Card Industry Security Standards Council (PCI SSC) requires all organizations that collect, process, store, or transmit card payments to comply with security frameworks—of which the most widely applicable is the PCI Data Security Standards (DSS). Ultimately, the goal of the PCI DSS is to protect sensitive payment card information from breach risks. However, many organizations grapple with PCI compliance security challenges.

January 21, 2022January 25, 2022 0 comment

HIPAA / Healthcare Industry

How to Maintain HIPAA-Compliant Cloud Storage

by RSI Security January 18, 2022January 24, 2022

written by RSI Security

Healthcare providers are some of the main beneficiaries of IT advancements, and the advantages of cloud technologies are no exception. Cloud storage facilitates rapid access to patient data in healthcare settings to help guide medical evaluations and treatment decisions. However, the Health Insurance Portability and Accountability Act of 1996 strictly regulates the use and disclosure of protected health information (PHI), and cloud storage can potentially compromise compliance. So, how do you maintain HIPAA-compliant cloud storage?

January 18, 2022January 24, 2022 0 comment

HITRUST

What is a HITRUST Validated Assessment, and Does Your Organization Need One?

by RSI Security January 17, 2022January 18, 2022

written by RSI Security

The HITRUST CSF can help organizations streamline compliance across multiple regulatory frameworks, address security gaps, and strengthen overall cybersecurity. Compliance with the HITRUST CSF may require your organization to complete a HITRUST Validated Assessment to verify adherence to HITRUST CSF controls. Read on to learn more.

January 17, 2022January 18, 2022 0 comment

PCI DSS

SSL Security and PCI Compliance for eCommerce: Top Challenges and Considerations

by RSI Security January 13, 2022January 18, 2022

written by RSI Security

eCommerce businesses that process large volumes of card payment transactions must protect the sensitive data involved. Strong SSL security and PCI compliance for eCommerce practices can minimize data breach risks and enhance your overall eCommerce cybersecurity. Read on to learn about the top challenges and considerations.

January 13, 2022January 18, 2022 0 comment

HITRUST

Why choose the HITRUST CSF over other control frameworks like NIST SP 800-53 and ISO/IEC 27001?

by RSI Security January 10, 2022January 12, 2022

written by RSI Security

Organizations seeking streamlined solutions to their regulatory compliance requirements often look to comprehensive frameworks. The HITRUST CSF, the National Institute for Standards and Technology’s Special Publication 800-53 (NIST SP 800-53), and the International Organization for Standardization and International Electrotechnical Commission’s joint ISO/IEC 27001 are three prime examples of one-size-fits-all compliance. But which is best for your organization?

January 10, 2022January 12, 2022 0 comment

PCI DSS

Are You Eligible for PCI DSS Remote Assessment?

by RSI Security January 4, 2022January 6, 2022

written by RSI Security

Ongoing PCI DSS adherence mandates that applicable organizations complete security assessments to verify compliance. Although a Qualified Security Assessor (QSA) will conduct onsite compliance audits and attestations, you may be eligible for a PCI DSS remote assessment. Read on to learn if you’re eligible.

January 4, 2022January 6, 2022 0 comment

PCI DSS

Would Your Workforce Benefit from PCI Certification Training Modules?

by RSI Security January 2, 2022January 6, 2022

written by RSI Security

Organization-wide adherence to PCI compliance is critical to protecting sensitive cardholder data from cybersecurity threats. PCI certification training can help increase employee awareness and understanding of PCI security frameworks, ultimately strengthening your organization’s PCI data security. Read on to learn more about the various PCI certification training modules.

January 2, 2022January 6, 2022 0 comment

HIPAA / Healthcare Industry

Understanding Patient Data Security Risk Management Requirements for HIPAA

by RSI Security December 21, 2021December 27, 2021

written by RSI Security

Organizations within and adjacent to the healthcare industry must comply with HIPAA regarding their interactions involving protected health information (PHI). The HIPAA Security Rule outlines safeguards for patient data security risk management to help healthcare organizations minimize risk to PHI. Managing risks to PHI security is of the utmost importance and can help your organization mitigate data breaches. Read on to learn how.

December 21, 2021December 27, 2021 0 comment

NIST 800-171 / DFARS

Understanding the List of DFARS Compliant Countries 2021

by RSI Security December 16, 2021December 22, 2021

written by RSI Security

The US Department of Defense (DoD) spent $439.4 billion on contracts for products and services in 2020. That’s billions of tax dollars awarded to hundreds, if not thousands of companies contributing to US national defense. To get involved in this lucrative industry, contractors must abide by Defense Federal Acquisition Regulations Supplement (DFARS) requirements, such as limiting offshore acquisitions to organizations located in DFARS-compliant countries. Read on to review the list of DFARS-compliant countries (2021) and the safeguards that organizations must demonstrate to secure DoD contracts.

December 16, 2021December 22, 2021 0 comment