Blog

  • What Is The HITRUST Certification Process?

    The Health Information Trust Alliance (HITRUST) is an organization that creates and maintains a common security framework (CSF) for businesses and organizations in the healthcare sector. Founded in 2007, the Texas-based entity has a prescriptive set of controls that organizations can use in creating, accessing, storing, or exchanging sensitive or regulated data. 

    HITRUST certification is commonly required by organizations handling protected health information (PHI). It provides a holistic approach to managing information security risks. Considered the gold standard for compliance in the healthcare industry, it combines commonly accepted standards such as:

    (more…)

  • What is HITRUST and How Does it Protect the Healthcare Industry? 

    If you’re a business owner who operates within the healthcare industry, you know that patients are your top priority. Whether it’s protecting their health or their data, you want to meet a high standard of excellence. Read below for more information on the HITRUST Alliance and how they help protect the healthcare industry. 

    (more…)

  • Privacy Policy Requirements For CCPA

    People want privacy when it comes to their personal information; however, sometimes they don’t realize how other companies use their information. Third-party involvement and the use of online platforms increase the chances that consumer data will be sold or affected by a data breach. Consequently, California took action to empower consumers. Are you aware of the privacy policy requirements outlined by the CCPA? Find out everything you need to know with our complete guide.

    (more…)

  • A Detailed SOC 2 Compliance Checklist

    Running a business is no easy task. Knowing whether you’re SOC 2 compliant or not is yet another thing on your already full plate of expense reports, hiring, marketing, and so much more. Using the following information will help clear any confusion so you can focus on the things you love about running your business.

    (more…)

  • How To Improve Cybersecurity In Financial Institutions

    To the cyber-criminal, the world is a list of digital targets. There are two primary methods for selecting those targets. Sometimes the adversaries cast a very large automated digital net, looking for easily exploitable weaknesses wherever they exist. When the system reports one, they decide if the target is worth their time and either pursue it or move on to the next. 

    The other is a far more dangerous method, in which the target is pre-selected because it is considered high-value. When hackers decided to go after Target Stores in 2013, the attack was complex, methodical, and persistent, eventually compromising over 40 million people’s card data and costing the company over $300 million.

    JP Morgan Chase suffered a breach in 2014 in which attackers reportedly compromised the financial and personal information of more than 76 million households and 7 million small businesses. The total cost of that incident is estimated to reach $1 billion!

    According to the IBM X-Force Threat Intelligence Index of 2019, Finance and Insurance was the most frequently targeted industry in 2018, with 19% of the tracked attacks.

    (more…)

  • What Are The Penalties For Non-Compliance With CCPA?

    It wasn’t long ago that the EU’s General Data Protection Regulation (GDPR) went into effect and caused an internet frenzy. The GDPR compelled people to care more about their personal information and how that information is being used by merchants and businesses, with or without their consent. The policy actually pushed people to rethink how their internet activities could put them at risk, both financially and emotionally.

    (more…)

  • Cyber Regulations For Banking In Europe vs. America 

    Banking and financial systems often go unnoticed by the general public despite the fact that they support daily tasks. The US government even classifies financial systems under critical infrastructure. With both America and European countries relying heavily on technology, they have attempted to keep pace with new banking cybersecurity regulations. Ever wondered about the differences in cybersecurity regulations of banking in Europe vs. the US? Read on to find out now. 

    (more…)

  • What To Look For In Cybersecurity SaaS Companies

    No matter what industry you’re in, cybersecurity typically isn’t something that can be handled on your own. And most organizations recognize this fact, with only 25 percent of companies having their own standalone cybersecurity department. That’s precisely why firms are increasingly turning to cybersecurity SaaS companies to help protect their sensitive data.

    But that doesn’t mean that all SaaS cybersecurity products, vendors, and partners are created equal. While there is a slew of SaaS companies with various products on the market designed to help you protect your data in the cloud, you’ll need to be careful and diligent throughout the evaluation process to ensure you select the right long-term partner. 

    Depending on your industry, type of systems, customer base, and many other factors, you’ll need to think long and hard before selecting a SaaS cybersecurity company. From technological know-how to customer support and compliance, here’s how cybersecurity SaaS companies can protect your company’s sensitive data and what to look for when choosing one.

    (more…)

  • Why BYOD is Bad For GDPR Compliance

    More organizations than ever are looking for ways to cut overhead costs. Some are giving their employees the option to work remotely. Others are allowing them to use their personal devices (e.g., laptop, cell phone, etc.) to do their work in place of a company-owned device.

    Although adopting a Bring Your Own Device (BYOD) policy might allow your company to scale and pivot as you grow, it also comes with tremendous risk on the security front. As more global organizations choose to adopt BYOD policies, they invariably come into contact with the General Data Protection Regulation (GDPR), which ensures the protection of user data that flows through a company’s network.

    As such, it would be best to consider developing an ironclad, yet flexible BYOD strategy to ensure your organization doesn’t get hurt by potential GDPR compliance mishaps. Let’s run through the potential issues with BYOD and GDPR and point you in the right direction towards keeping your network data safe while decreasing your risk of incurring hefty GDPR compliance fines.

    (more…)

  • CCPA Compliance: What You Need To Know

    The California Consumer Privacy Act (CCPA), widely regarded as the most extensive consumer privacy law in the United States, is set to be implemented on January 1, 2020. This landmark legislation on data protection is also considered one of the toughest privacy-related laws in the world and poses a challenge to all businesses that collect personal information from California consumers.

    Similar to the General Data Protection Regulation (GDPR) that protects the personal data of all European Union-based residents, the CCPA applies to all business entities regardless of their location. It gives California residents control over how their personal data is handled.

    As the date of CCPA implementation nears, this comprehensive guide to CCPA compliance will discuss everything you need to know about this historic privacy law. 

    (more…)