Privacy Concerns During the Coronavirus

by Sarah Harvey / December 16, 2022

How does privacy law come into play when a pandemic hits? Do the rules change? How do business associates and covered entities know when and where they can share PHI related to the pandemic? Let’s discuss so that you know the impact to your organization.

HIPAA Privacy Rule and Pandemics

The HHS recently released a memo that explains how the HIPAA Privacy Rule balances protection of PHI with protection of…

Combining PCI and HIPAA Audits

by Sarah Harvey / June 13, 2023

We get a lot of questions about PCI and HIPAA audits. There’s legislation and complicated requirements behind these frameworks, so what happens when your company is required to obtain both types of compliance? Are you able to consolidate both audits into one project? KirkpatrickPrice has developed the Online Audit Manager to make it easier to combine multiple audits into one project, including PCI and HIPAA. Let’s talk through why and…

Choosing Between SOC 2 and ISO 27001 Audits

by Sarah Harvey / June 13, 2023

So you’ve completed a SOC 2 audit, how prepared does that make you for an ISO 27001 audit? How do you know whether your organization needs a SOC 2 attestation or an ISO 27001 certification? For organizations working toward security compliance, deciding between these two audits depends on a few factors. While these audit frameworks are different in many ways, they also share some core similarities that make it difficult…

Creating Effective Network Diagrams and Data Flow Diagrams

by Sarah Harvey / August 21, 2023

The Importance of Network and Data Flow Diagrams

Network diagrams and data flow diagrams are called out in PCI Requirement 1; in fact, the PCI DSS puts so much weight on a good diagram that they include it in the first phase of the Prioritized Approach, which is the recommended method to remediate compliance gaps. But PCI is not the only place where network and data flow diagrams are valid.…

Combining SOC 1 and PCI Audits

by Sarah Harvey / June 13, 2023

When a breach occurs in the financial services industry, it costs the compromised organization $210 per breached record – which is why we get a lot of questions about SOC 1 and PCI audits from organizations in the financial services industry. How can you protect your data from threats? Should your company complete both audits? Are you able to consolidate multiple audits into one project? KirkpatrickPrice has developed the Online…