HIPAA, PCI, NIST, more. Our products include:
Risk Assessment: No matter what rules or laws your business must follow, our free review will find out if your office is in compliance in three areas:
- Mobile and computer network: Our technology tools will look for problems, which we can fix with firewall changes or new hardware.
- Electronics check: We search all devices on your network for issues, including desktops, laptops and tablets. You can boost security by updating all software and patches.
- Everyday work: We may see violations as we walk through your office, such as a possible HIPAA offense from leaving monitors or patient records where others can see them.
Health care-specific services: Because regulations do not provide strict guidelines on data security, many small providers have little to no data security. An attack can cost $1.5 million to $5 million – a problem that low-cost measures up front can help prevent:
- Electronic health records: We keep them available while following laws and regulations.
- Security: Keep the bad guy out with measures like two-factor authentication.
Regulatory frameworks we can help your business comply with:
1. AT-100 auditing standard for SOC-2 reports
2. California Consumer Privacy Act (CCPA)
3. Federal Bureau of Investigation (FBI):
   - Criminal Justice Information Services (CJIS) Security Policy
   - CJIS ISO
5. Department of Health and Human Services (HHS):
6. International Organization for Standardization (ISO)
7. Department of Defense (DOD):
   - National Institute of Standards and Technology (NIST)
   - NIST 800-53
   - NIST 800-171
   - NIST Special Publication 800-171 (NIST SP 800-171)
   - Requirement AC-7
   - Requirement IA-3
   - Requirement CA-7
   - Requirement CM-4
   - Requirement AU-6
   - NIST Cybersecurity Framework
8. Payment Card Industry Data Security Standard (PCI DSS)
9. Sarbanes-Oxley Act of 2002
10. Statement on Standards for Attestation Engagements No. 16 (SSAE-16)
11. United Kingdom (UK):
12. US-EU Safe Harbor