HIPAA Compliance Checklist: Security, Privacy, and Breach Notification Rules

by Sarah Harvey / January 25, 2023

HIPAA sets a national standard for the protection of consumers’ PHI and ePHI by mandating risk management best practices and physical, administrative, and technical safeguards. HIPAA was established to provide greater transparency for individuals whose information may be at risk, and the OCR enforces compliance with the HIPAA Security, Privacy, and Breach Notification Rules. The goal of the Security Rule is to create security for ePHI by ensuring the confidentiality,…

Horror Stories – 5 Cities Victimized By Cyber Threats

by Sarah Harvey / June 14, 2023

Hospitals, airports, police departments, educational systems, court records, water services, payment portals, technology infrastructure – these cornerstones of the public sector are under attack every day from complex cyber threats. ICMA and Microsoft’s cybersecurity report claims that 44% of local governments are under attack daily. The FBI reports that over 4,000 ransomware attacks occur daily. This year, when the City of Atlanta was compromised by a ransomware attack, the nation…

Penetration Testing Steps for a Secure Business

by Sarah Harvey / December 21, 2023

How to Secure Your Business Through Penetration Testing

Being prepared for cyber attacks and having the ability to fix the weaknesses within a system helps organizations avoid the consequences of data breaches. Not only are these breaches costly due to the accumulation of legal fees, IT remediation, and customer protection programs, but customer loyalty can be lost following a breach. By being aware and prepared for attacks before they happen,…

SOC 2 Compliance: The 5 Trust Services Criteria

by Sarah Harvey / January 25, 2023

What are the Trust Services Criteria? Once your organization has decided that you are ready to pursue a SOC 2 attestation, the first thing you have to decide is which of the five Trust Services Criteria (TSP) you want to include in your SOC 2 audit report. Becoming familiar with the categories of security, availability, confidentiality, processing integrity, and privacy should be one of the first steps in your scoping process.…

Horror Stories: Timehop’s MFA Mishap

by Sarah Harvey / June 14, 2023

On July 4, 2018, Timehop, a self-proclaimed “daily nostalgia product,” discovered a data breach where up to 21 million users were impacted. Timehop is a memory-sharing app, enabling users to distribute posts from the past; Timehop connects to users’ social networks and photo storage apps – Twitter, Instagram, Facebook, Dropbox, Google Photos, iCloud, etc. For them, this breach was a nightmare because of the nature of their services. When users…