Compliance Standards Archives | Page 25 of 80

What are Covered Entities Under HIPAA?

by RSI Security March 29, 2023September 28, 2023

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) exists to secure protected health information (PHI). Most companies that provide healthcare services and their strategic partners need to implement HIPAA controls to protect stakeholders from cybercrime threats. Want to know if your company is a HIPAA-covered entity? Keep reading to discover if you are and what HIPAA compliance entails.

March 29, 2023September 28, 2023 0 comment

SOX 404

What Are the SOX 404 Requirements?

by RSI Security March 20, 2023August 15, 2025

written by RSI Security

Auditing laws cover various topics and industries from social media privacy to financial transactions. Each auditing process targets different weaknesses in order to tackle the risks that accompany technological advancements.

In particular, the multi-faceted Sarbanes-Oxley Act (SOX) deals with corporate operations and publicly traded companies. The 404 section requirement addresses financial documentation.

Are you aware of the SOX 404 requirements? Find out everything you need to know about compliance with our comprehensive guide.

March 20, 2023August 15, 2025 0 comment

CMMC

What is CUI Specified?

by RSI Security March 20, 2023May 31, 2023

written by RSI Security

Organizations that work closely with the US government need to take special precautions to safeguard data that government agencies deem sensitive. One of the most common kinds of data that needs protecting is Controlled Unclassified Information (CUI). And CUI Specified is some of the most tightly regulated CUI. So, what is CUI Specified, and how can you secure it?

March 20, 2023May 31, 2023 0 comment

NERC CIP

NERC CIP Standards Summary: All Mandatory Requirements, Explained

by RSI Security March 18, 2023May 30, 2025

written by RSI Security

Compliance with the NERC CIP standards is critical to mitigating cybersecurity risks to North America’s bulk electric system (BES), which is also known as the bulk power system (BPS). The NERC CIP provides a comprehensive list of security controls to help organizations effectively and securely operate the BES. Read our blog to get a sense of the NERC CIP standards summary.

March 18, 2023May 30, 2025 0 comment

PCI DSS

PCI DSS Compliance Testing

by RSI Security March 18, 2023May 30, 2025

written by RSI Security

The Payment Card Industry Security Standards Council (PCI SSC) requires all organizations that process card payments to protect cardholder data (CHD) and sensitive authentication data (SAD) from breach risks. PCI compliance testing is one of the best strategies to protect valuable CHD and SAD, requiring organizations to regularly test and scan systems to identify vulnerabilities.

March 18, 2023May 30, 2025 0 comment

California Consumer Privacy Act (CCPA)

Beginner’s Guide to Privacy By Design Principles

by RSI Security March 13, 2023January 6, 2025

written by RSI Security

Privacy by design (PbD) is a preventative approach to data privacy protection developed by Dr. Ann Cavoukian in the 1990s. Its initial purpose was to develop a robust, scalable model for data privacy that would surpass “privacy enhancing technologies” (PETs) and then-weaker regulatory compliance requirements to guarantee full data privacy.

March 13, 2023January 6, 2025 0 comment

HIPAA / Healthcare Industry

What are the Three Components of the HIPAA Security Rule?

by RSI Security March 13, 2023September 2, 2025

written by RSI Security

Healthcare organizations and their partners face growing privacy and security risks when handling patient data. To safeguard this information, the Health Insurance Portability and Accountability Act of 1996 (HIPAA) sets strict requirements.

One of its most important provisions is the HIPAA Security Rule, which outlines how electronic protected health information (ePHI) must be stored, transmitted, and accessed securely.

The Security Rule is built on three main components that every covered entity and business associate must follow. Understanding these components is essential for compliance, and for protecting sensitive patient data against cyber threats.

March 13, 2023September 2, 2025 0 comment

SOX 404

Your SOX Compliance Audit Checklist

by RSI Security March 7, 2023September 5, 2023

written by RSI Security

Whether it’s taxes or compliance, the word “audit” is never something businesses want to hear. You might feel worried that you let something slip through the cracks, that you’ve forgotten a key requirement, or might be missing critical records. With all your other responsibilities in your business from employees to product, an audit is the last thing you want to worry about.

The Sarbanes-Oxley (SOX) Act affects all businesses, but our helpful SOX compliance audit checklist will make sure that you meet all the necessary requirements.

March 7, 2023September 5, 2023 2 comments

HIPAA / Healthcare Industry

What is Considered PHI Under HIPAA?

by RSI Security March 3, 2023August 28, 2025

written by RSI Security

When working toward HIPAA compliance, it is crucial to understand exactly what is considered PHI under HIPAA. PHI, or Protected Health Information, refers to any patient data that can be used to identify an individual and relates to their medical history, treatments, or payment for healthcare services.

The HIPAA Privacy Rule sets strict guidelines for how organizations must handle PHI to protect patients’ confidentiality. By understanding what qualifies as PHI, healthcare providers and their business associates can remain compliant, avoid costly penalties, and maintain patient trust.

March 3, 2023August 28, 2025 0 comment