logo
March 3, 2021 | Mike Tierney

NIST 800-53: A Guide to Compliance

The NIST 800-53 standard offers solid guidance for how organizations should select and maintain customized security and privacy controls for their information systems. NIST SP 800-53 Revision 5 is one of many compliance documents you need to familiarize yourself with if you are working with...
February 19, 2021 | Mike Tierney

How to Perform a Data Protection Impact Assessment (DPIA)

Conducting a data protection impact assessment (DPIA) or privacy impact assessment (PIA) is a complex and challenging task. Nevertheless, it’s critical to do. Data privacy concerns have become a significant focus across all industries, and for good reason: data is at higher risk than ever before....
January 28, 2021 | Jeff Melnick

Top GDPR Solutions for Security and Consent Management

The General Data Protection Regulation (GDPR) is a set of provisions and requirements governing data protection and privacy for individuals across the European Union. It applies to any business or public body — inside or outside the EU — that handles the personal data of EU residents. Such data...
January 20, 2021 | Mike Tierney

ISO 27001 Compliance: What You Need to Know

ISO/IEC 27001 is a set of international standards developed to guide information security. Its component standards, such as ISO/IEC 27001:2013, are designed to help organizations implement, maintain and continually improve an information security management system (ISMS). Compliance with ISO...
January 21, 2021 | Ryan Brooks

Compliance Tools: Choosing the Right Solutions

Making sure your environment is compliant with regulatory requirements can be a challenge. No matter your company’s size or industry, ensuring you have the required security controls is never a set-it-and-forget-it process. With your IT environment, your user base and the threat landscape...
December 14, 2020 | Ryan Brooks

Information Classification for ISO 27001 Compliance

ISO 27001 is an international standard that focuses on information security. This standard guides the establishment, implementation, maintenance, and continuous improvement of an information security management system (ISMS). To achieve compliance, you need to: Understand what data assets you...
November 25, 2020 | Mike Tierney

HIPAA Compliance Checklist

The Health Insurance Portability and Accountability Act (HIPAA), as amended by the Health Information Technology for Economic and Clinical Health (HITECH) Act, is designed to keep individuals’ medical information and health records safe. Healthcare organizations must ensure HIPAA compliance, even...
January 21, 2021 | Ryan Brooks

Most Popular HIPAA-Compliant Cloud Storage Services

Cloud computing provides undeniable benefits for storing and accessing electronic health records. Files stored in the cloud are accessible anytime and anywhere from any device, which makes it easy to share critical medical information between healthcare workers. But is cloud storage secure enough...
January 21, 2021 | Ryan Brooks

Is Microsoft 365 HIPAA Compliant?

Office 365 HIPAA compliance is a pressing concern for an increasing number of healthcare companies. Microsoft’s robust cloud solution lets providers keep records and communicate with ease — but is it too easy? Can sensitive information really be protected if it’s stored in the cloud? Cloud...
January 21, 2021 | Gina Fanning

Does GDPR Compliance Apply to US Companies?

In May of 2018, the European Union enacted one of the world’s strictest set of rules for personal data protection. The formal name of this legislation is the General Data Protection Regulation, but it is more commonly known as the GDPR. The GDPR regulates personal data, which is defined as any...
Show more articles
...