Healthcare
HIPAA/HITECH
HIPAA (Health Insurance Portability and Accountability Act) and HITECH (Health Information Technology for Economic and Clinical Health Act) are U.S. federal laws that mandate strict controls over the protection of electronic patient health information (ePHI). Together, they form the foundation for managing and securing sensitive health data in today’s digital healthcare environment.
HITRUST
In today’s complex regulatory landscape, organizations face increasing pressure to demonstrate robust cybersecurity and privacy controls.
CMS EDE
Direct Enrollment (DE) permits consumers to purchase a Marketplace health plan from a source other than Healthcare.gov; however, the process was cumbersome – consumers had to be redirected to Healthcare.gov to fill out the official application, and once they received the eligibility notification, they would be redirected back to the web broker’s site.
SOC 1
A SOC 1 (Service Organization Control 1) audit framework is vital for service organizations that impact their clients’ financial reporting.
SOC 2
SOC 2 (Service Organization Control 2) is a comprehensive auditing framework designed to assess and report on the security, availability, processing integrity, confidentiality, and privacy controls of service organizations.
VCISO
Virtual CISO is for companies that do not have dedicated security staff and want assistance in maturing their organization and reducing risk.
CCPA
The California Consumer Privacy Act (CCPA) protects all personal information that identifies, relates to, describes, is capable of being associated with, or may reasonably be linked, directly or indirectly, with a particular consumer or household.
GDPR
GDPR sets the gold standard for data privacy worldwide. It governs how personal data of EU citizens is processed, granting individuals rights such as access, correction, and erasure of their data.