Clients

Security Leader.

“Jack Skinner’s job is to provide guidance to our executive board on our future needs, current trends in technology and the exposure our organization has in certain areas. He and his team have been a game changer.”

- Director of nonprofit

Compliance Services

HIPAA, PCI, NIST, more. Our products include:

Risk Assessment: No matter what rules or laws your business must follow, our free review will find out if your office is in compliance in three areas:

  • Mobile and computer network: Our technology tools will look for problems, which we can fix with firewall changes or new hardware.
  • Electronics check: We search all devices on your network for issues, including desktops, laptops and tablets. You can boost security by updating all software and patches.
  • Everyday work: We may see violations as we walk through your office, such as a possible HIPAA offense from leaving monitors or patient records where others can see them.

Health care-specific services: As regulations do not provide strict guidelines on data security, many small providers have little to none. An attack can cost $1.5 million to $5 million – a problem that low-cost measures up front can help prevent:

  • Electronic health records: We keep them available while following laws and regulations.
  • Security: Keep the bad guy out with measures like two-factor authentication.

Regulatory frameworks we can help your business comply with:

1. AT-100 auditing standard for SOC-2 reports

2. California Consumer Privacy Act (CCPA)

3. Federal Bureau of Investigation (FBI):

  • Criminal Justice Information Services (CJIS) Security Policy
  • CJIS ISO

4. FedRAMP

5. Department of Health and Human Services (HHS):

  • HIPAA/HITECH/OMNIBUS

6. International Organization for Standardization (ISO)

  • ISO 9000
  • ISO 27000

7. Department of Defense (DOD):

  • National Institute of Standards and Technology (NIST)
  • NIST 800-53
  • NIST 800-171
  • NIST Special Publication 800-171 (NIST SP 800-171)
    • Requirement AC-7
    • Requirement IA-3
    • Requirement CA-7
    • Requirement CM-4
    • Requirement AU-6
  • NIST Cybersecurity Framework

8. Payment Card Industry Data Security Standard (PCI DSS)

9. Sarbanes-Oxley Act of 2002

10. Statement on Standards for Attestation Engagements No. 16 (SSAE-16)

11. United Kingdom (UK):

  • GDPR

12. US-EU Safe Harbor
