Compliance Standards Archives | Page 35 of 80

Would Your Workforce Benefit from PCI Certification Training Modules?

by RSI Security January 2, 2022March 30, 2022

Organization-wide adherence to PCI compliance is critical to protecting sensitive cardholder data from cybersecurity threats. PCI certification training can help increase employee awareness and understanding of PCI security frameworks, ultimately strengthening your organization’s PCI data security. Read on to learn more about the various PCI certification training modules.

January 2, 2022March 30, 2022 0 comment

HIPAA / Healthcare Industry

Understanding Patient Data Security Risk Management Requirements for HIPAA

by RSI Security December 21, 2021September 2, 2025

written by RSI Security

Organizations within and adjacent to the healthcare industry must comply with HIPAA regarding their interactions involving protected health information (PHI). The HIPAA Security Rule outlines safeguards for patient data security risk management to help healthcare organizations minimize risk to PHI. Managing risks to PHI security is of the utmost importance and can help your organization mitigate data breaches. Read on to learn how.

December 21, 2021September 2, 2025 0 comment

SOC 2

Comprehensive SOC 2 Implementation Guide

by RSI Security December 10, 2021May 30, 2025

written by RSI Security

Organizations looking to build trust among current and potential clients have a host of tools available to them—but one of the most effective is a SOC 2 audit. SOC 2 is an assessment framework overseen by the American Institute of Certified Public Accountants (AICPA). The SOC 2 audit is a robust evaluation process, whether Type 1 (short-term) or Type 2 (long-term). So, to guarantee success, organizations should turn to a SOC 2 implementation guide—like this one.

December 10, 2021May 30, 2025 0 comment

PCI DSS

Top AOC PCI Compliance Considerations

by RSI Security December 8, 2021March 30, 2022

written by RSI Security

Payment Card Industry (PCI) compliance reporting is required for all organizations that process credit and debit card payments. Depending on PCI Level, organizations are required to report on compliance by having a Qualified Security Assessor (QSA) complete an Attestation of Compliance (AOC). Read on to learn about top AOC PCI compliance considerations.

December 8, 2021March 30, 2022 0 comment

HITRUST

Best Practices for Healthcare Risk Analysis and HITRUST CSF Certification

by RSI Security December 3, 2021March 2, 2022

written by RSI Security

Organizations within or adjacent to the healthcare industry encounter challenges in managing risk assessment, regulatory compliance, and the overall security of their digital infrastructure. HITRUST certification can help healthcare organizations streamline healthcare risk analysis, achieve required HIPAA compliance, and protect the integrity of sensitive protected health information (PHI).

December 3, 2021March 2, 2022 0 comment

HIPAA / Healthcare Industry

What is a HIPAA Business Associate Agreement?

by RSI Security December 2, 2021August 29, 2025

written by RSI Security

According to the Health Insurance Portability and Accountability Act (HIPAA), two groups are primarily responsible for maintaining HIPAA compliance. Covered entities are the most readily assumed, but another, known as business associates, also interact with electronic health records (EHR) and protected health information (PHI). These organizations must be contracted via a HIPAA business associate agreement and are held to stringent standards of confidentiality and professionalism.

December 2, 2021August 29, 2025 0 comment

California Consumer Privacy Act (CCPA)

What is the CCPA Statute of Limitations?

by RSI Security December 2, 2021March 30, 2022

written by RSI Security

The California Consumer Privacy Act (CCPA) protects the rights of data subjects in California. The CCPA statute of limitations refers to two things, broadly: the timeframe within which legal action may be brought against an organization for violating CCPA rights and the duration for which such an organization is allowed to retain data pertaining to a California consumer. Our guide will break down these definitions and explain other essentials of CCPA compliance.

December 2, 2021March 30, 2022 0 comment

PCI DSS

Proper System Authentication Measures for PCI DSS 8 Requirements

by RSI Security November 30, 2021March 30, 2022

written by RSI Security

Payment Card Industry (PCI) compliance is required for security and stability of all card-related transactions, regardless of industry. The Data Security Standard (DSS) as stipulated by the PCI is broken down into 12 primary requirements; this article will detail PCI DSS Requirement 8, which focuses on identifying and authenticating all access to system components. Below, we’ll examine all controls and measures for compliance within Requirement 8’s sub-requirements.

November 30, 2021March 30, 2022 0 comment

SOC 2

Why Is SOC 2 Compliance Important?

by RSI Security November 30, 2021April 5, 2022

written by RSI Security

The American Institute of Certified Public Accountants (AICPA) publishes various audit and reporting guides designed to keep companies and their stakeholders safe. One that applies to most service organizations, including but not limited to cloud computing providers, is the SOC 2 framework. So, why is SOC 2 compliance important? Read on to learn why it matters, how it helps cloud organizations specifically, and how its criteria can help all companies.

November 30, 2021April 5, 2022 1 comment

PCI DSS

PCI DSS Best Practices for Compliance

by RSI Security November 25, 2021March 7, 2022

written by RSI Security

Any organization that handles cardholder data (CHD) is required to follow the Data Security Standards (DSS) established by the Payment Card Industry (PCI). These rules and regulations play a critical role in protecting networks and CHD environments (CDE) from internal and external threats alike. However, their effectiveness can depend on your staff following a few PCI DSS best practices.

November 25, 2021March 7, 2022 0 comment