Compliance Standards Archives | Page 30 of 80

SOC 2 vs SOC 3: What is the Difference?

by RSI Security May 16, 2022June 30, 2022

Service organizations looking to build out secure IT infrastructure can rely on SOC reports to audit their security controls. Besides strengthening and optimizing your security posture, SOC compliance also provides security assurance to your stakeholders. Read our guide to learn more about SOC reports, especially SOC 2 vs SOC 3, and how they can help you.

May 16, 2022June 30, 2022 0 comment

NIST 800-171 / DFARS

What Is a NIST 800-171 Passing Score?

by RSI Security May 13, 2022June 30, 2022

written by RSI Security

Compliance with the National Insitute of Standards and Technology (NIST) Special Publication 800-171 is critical to demonstrating your security posture as a Department of Defense (DoD) contractor—helping you maintain preferred contractor status. NIST 800-171 compliance helps safeguard sensitive information such as Covered Defense Information (CDI) and Controlled Unclassified Information (CUI). Read on to learn all about NIST 800-171 passing scores.

May 13, 2022June 30, 2022 0 comment

PCI DSS

PCI Compliance Network Security Best Practices

by RSI Security May 11, 2022June 29, 2022

written by RSI Security

Cardholder and payment data are prime targets of digital attacks. Establishing and maintaining a secure network is essential to handling, storing, and processing this data safely. PCI Security Standards exist to guide the entities that handle this data on how to protect it thoroughly. This guide will introduce the standards and their goals and cover best practices for meeting PCI compliance network security requirements.

May 11, 2022June 29, 2022 0 comment

Cybersecurity Technical Writing

Your Guide to Writing Technical Documentation

by RSI Security May 10, 2022June 30, 2022

written by RSI Security

Communication is essential to the operations and success of any organization; documentation is one of the primary tools in preserving and communicating technical information. Technical documentation is used to educate personnel, record processes and policies, and report the results of audits and assessments. This technical writing 101 will examine best practices of writing technical documentation and the ways it can benefit your organization’s cybersecurity.

May 10, 2022June 30, 2022 0 comment

HIPAA / Healthcare Industry

OCR HIPAA Enforcement, Explained

by RSI Security May 5, 2022August 28, 2025

written by RSI Security

Any organization that handles Protected Health Information (PHI) is required to comply with HIPAA to protect the privacy, security, and integrity of patient data. Enforcement of these regulations falls under the Office for Civil Rights (OCR) within the Department of Health and Human Services (HHS).

OCR HIPAA enforcement involves investigating complaints, conducting audits, and issuing penalties when violations occur. Understanding how OCR enforces HIPAA is essential for covered entities and business associates to remain compliant and avoid costly fines.

May 5, 2022August 28, 2025 0 comment

PCI DSS

PCI Compliance Key Management Requirements

by RSI Security May 4, 2022June 29, 2022

written by RSI Security

If your organization processes, transmits, or stores card payment data, you must comply with the PCI DSS guidelines to safeguard the sensitivity of card payment transactions. The guidelines listed in the PCI compliance key management requirements will help secure any sensitive card payment data you store or process. Read on to learn more.

May 4, 2022June 29, 2022 0 comment

HIPAA / Healthcare Industry

HIPAA Patient Data Security Requirements, Challenges, and Best Practices

by RSI Security April 28, 2022August 28, 2025

written by RSI Security

To protect patient data and maintain compliance, healthcare organizations and their business associates must follow the HIPAA requirements established by the U.S. Department of Health and Human Services (HHS). These safeguards, outlined in the HIPAA Privacy and Security Rules, ensure that Protected Health Information (PHI) remains secure, confidential, and accessible only to authorized parties.

Meeting these HIPAA requirements not only helps organizations avoid costly penalties but also builds patient trust by demonstrating a strong commitment to data privacy. Read on to explore the key HIPAA requirements, the challenges of compliance, and best practices for securing patient data. Read on to learn more.

April 28, 2022August 28, 2025 0 comment

PCI DSS

What is a PCI Compliance Scan?

by RSI Security April 20, 2022February 12, 2025

written by RSI Security

The Payment Card Industry’s (PCI) Security Standards Council (SSC) requires companies who process card and electronic payments to maintain compliance with regulations that protect cardholder data. To demonstrate that they continually comply with the Data Security Standard (DSS) and any other applicable standards, companies must pass a quarterly PCI compliance scan conducted by an Approved Scanning Vendor (ASV). Continue reading for a walkthrough and preparation tips regarding how to pass PCI compliance scan testing.

April 20, 2022February 12, 2025 0 comment

HITRUST

HITRUST Levels and the HITRUST CSF Control Maturity Model

by RSI Security April 19, 2022February 22, 2023

written by RSI Security

The HITRUST Alliance has helped streamline cybersecurity and compliance for companies across all industries since it was founded in 2007. It offers businesses the CSF—a unified regulatory framework that combines controls from various others into a single simplified system.

April 19, 2022February 22, 2023 0 comment

HITRUST

How Long Does It Take to Get HITRUST Certified? Timeline and Factors to Consider

by RSI Security April 18, 2022June 15, 2022

written by RSI Security

Organizations that achieve HITRUST certification benefit from streamlined compliance across many industries. However, the timeline for HITRUST certification depends on organization readiness and several compliance considerations. Read on for a HITRUST 101 breakdown of the certification timeline.

April 18, 2022June 15, 2022 0 comment