Home Compliance Standards
Category:

Compliance Standards

Staying informed about all of the cyber security compliance standards is essential to keeping your company safe from hackers. Read on to learn about the various steps you can take to stay up to date with your industry’s compliance standards.

CCPA Compliance: What You Need To Know
California Consumer Privacy Act (CCPA)

CCPA Compliance: What You Need To Know

by RSI Security
written by RSI Security

The California Consumer Privacy Act (CCPA), widely regarded as the most extensive consumer privacy law in the United States, is set to be implemented on January 1, 2020. This landmark legislation on data protection is also considered as one of the toughest privacy-related laws in the world and poses a challenge to all businesses that collect personal information from consumers of California. 

Similar to the General Data Protection Regulation (GDPR) that protects personal data of all European Union-based residents, the CCPA applies to all business entities regardless of their location.  It gives California residents control over how their personal data is handled. 

As the date of CCPA implementation nears, this comprehensive guide to CCPA compliance will discuss everything you need to know about this historic privacy law. 

Continue Reading
0 comment
0 FacebookTwitterGoogle +LinkedinEmail
HITRUST Compliance: What You Need to Know
HITRUST

HITRUST Compliance: What You Need to Know

by RSI Security
written by RSI Security

Rapid advances in medical technology are changing the healthcare industry for the better, but along with these technological advances, come adverse risks. Additionally, as doctors gather more data about their patients through medical devices connected to the internet, it is crucial that this data remains private. Robust data is important for the best care, just as robust security keeps that data private and secure.

Continue Reading
0 comment
1 FacebookTwitterGoogle +LinkedinEmail
CCPA vs. GDPR: What’s The Difference?
California Consumer Privacy Act (CCPA)GDPR

CCPA vs. GDPR: What’s The Difference?

by RSI Security
written by RSI Security

Consumer data privacy has become a hot topic these days with various legislations enacted to promote and strengthen the privacy rights of consumers. There is a global trend of forcing companies to be more accountable and responsible when it comes to protecting consumer data.

Consider the General Data Protection Regulation (GDPR), which was designed to protect the personal data of citizens of the European Union (EU).  It was passed into law in 2016 and took effect two years later.

A couple of months after the GDPR took into effect, then California Governor Jerry Brown signed into law the California Consumer Privacy Act (CCPA) which will be implemented in 2020. The CPPA is widely considered one of the toughest consumer privacy laws in the United States.

Because of the nature of these two legislations, a comparison between the GDPR and CCPA is unavoidable. This article will discuss briefly the two data privacy acts and enumerate the differences between GDPR and CCPA.

Continue Reading
0 comment
1 FacebookTwitterGoogle +LinkedinEmail
How to Become DFARS Compliant
NIST 800-171 / DFARS

How to Become DFARS Compliant

by RSI Security
written by RSI Security

Years ago, governments defended themselves through espionage and military engagement. Today, there are still plenty of both. However, the form they’ve taken has changed drastically. Physical spies have given way to higher levels of digital reconnaissance. To defend against these threats, the U.S government created the Defense Federal Acquisition Regulation Supplement (DFARS) in 2017.

Without getting too deep into how DFARS functions as an organization, and what countries need to be aware of DFARS compliance, here we’ll cover go through a complete step by step breakdown of how to become DFARS compliant.

Naturally, a government mandate tasked with protecting sensitive information is going to be extremely comprehensive and (at times) exhausting. The NIST SP 800-171 is essentially all the inputs, outputs, regulations and requirements for any businesses looking to complete their DFARS compliant statement.

Continue Reading
0 comment
0 FacebookTwitterGoogle +LinkedinEmail
What Does DFARS Stand For?
NIST 800-171 / DFARS

What Does DFARS Stand For?

by RSI Security
written by RSI Security

If you are a client or a business that supports clients that serve the Department of Defense (DoD) as a contractor or subcontractor you’ve likely heard of Defense Federal Acquisition Regulation Supplement (DFARS).  Protecting sensitive national defense information shared with and created and maintained by private organizations that support federal government contracts is vital to our national security. DoD contractors that process, disseminate, store or transmit Controlled Unclassified Information (CUI) are required to meet DFARS minimum security standards or risk losing existing DoD contracts and eligibility for future contracts.

Continue Reading
0 comment
0 FacebookTwitterGoogle +LinkedinEmail
Do I need an NYDFS Risk Assessment?
NY DFS - 23 NYCRR 500

Do I need an NYDFS Risk Assessment?

by RSI Security
written by RSI Security

Sensitive data breaches and data loss are major concerns for any organization. The prospect of a financial data breach, however, often results in public panic and can lead to media headlines that destroy a business’s good reputation. In March 2017, the New York State Department of Financial Services released a new cybersecurity regulation for financial service providers, considered to be some of the most rigorous and comprehensive regulatory guidelines for the financial sector. It is the first step toward greater security to protect critical financial data that affects the lives and financial accounts of all individuals and organizations.

Continue Reading
0 comment
0 FacebookTwitterGoogle +LinkedinEmail
What Are The Soc 2 Compliance Requirements?
SOC 2

What Are The Soc 2 Compliance Requirements?

by RSI Security
written by RSI Security

Many different auditing processes exist, and companies increasingly face the challenge of choosing which type to conduct. Consumers and business partners demand data protection, so it is vital that companies understand the differences of each auditing process available. Are you aware of the Soc 2 compliance requirements? Find out how to be compliant from the experts at RSI Security.

Continue Reading
2 comments
0 FacebookTwitterGoogle +LinkedinEmail
What Is the California Consumer Privacy Act (CCPA)?
California Consumer Privacy Act (CCPA)

What Is the California Consumer Privacy Act (CCPA)?

by Nicholas Giatrelis
written by Nicholas Giatrelis

In 2015 a man named Alastair Mactaggart had a conversation with a friend of his, a Google engineer, about the amount of data Google had on people. The more he thought about it, the more concerned he became. Through his efforts, the California Consumer Privacy Act, also known as the california privacy law, was signed into law by California Governor Jerry Brown in June of 2018.

Sec 2, (i) States:

Therefore, it is the intent of the Legislature to further Californians’ right to privacy by giving consumers an effective way to control their personal information, by ensuring the following rights:

(1) The right of Californians to know what personal information is being collected about them.

(2) The right of Californians to know whether their personal information is sold or disclosed and to whom.

(3) The right of Californians to say no to the sale of personal information.

(4) The right of Californians to access their personal information.

(5) The right of Californians to equal service and price, even if they exercise their privacy rights.

Continue Reading
0 comment
0 FacebookTwitterGoogle +LinkedinEmail
How to Achieve NYDFS Cybersecurity Compliance
NY DFS - 23 NYCRR 500

How to Achieve NYDFS Cybersecurity Compliance

by RSI Security
written by RSI Security

It is a landmark regulation that is seen to have ripple effects on the cybersecurity practices of financial institutions not only in the United States but also worldwide. The New York State Department of Financial Services (NYDFS) Cybersecurity Regulation, commonly referred to as 23 NYCRR 500, is considered as one of the most comprehensive cybersecurity regulations in the financial sector.   

This regulation takes on cybersecurity issues for financial institutions head-on by establishing strict requirements for state-chartered banks, private bankers, licensed lenders, mortgage companies, insurance companies, service providers, and foreign banks operating in New York.

This post will detail the various aspects of this landmark regulation, from and more importantly, how concerned or covered entities can do in order to achieve NYDFS cybersecurity compliance.

Continue Reading
0 comment
0 FacebookTwitterGoogle +LinkedinEmail
Load More Posts

This website uses cookies to improve your experience. If you have any questions about our policy, we invite you to read more. Accept Read More