Management’s Responsibilities During a HITRUST CSF Assessment

by Sarah Harvey / December 16, 2022

What is an Executive Charter? When your organization begins preparing to undergo a HITRUST CSF assessment, management needs to review its own responsibilities, however small some of them might seem. For example, does your organization have an executive charter in place that delegates the responsibilities of the CISO? What level of involvement do your C-level executives have in your information security program? In this webinar,…

How to Read Your Vendor’s SOC 1 or SOC 2 Report

by Sarah Harvey / June 13, 2023

Most organizations outsource some aspect of their business to vendors, whether it’s to perform a specific, integral task or replace an entire business unit. Vendors can be in roles like customer support, financial technology, record storage, software development, or claims processing. Using vendors can further an organization’s business objectives, enable it to function more effectively, and be more cost-efficient. With all these opportunities, organizations must remain aware of the…

GDPR Fundamentals: The Basics of the Law

by Mark Hinely / April 5, 2023

Have you been clicking “Accept” on a lot more sites asking for consent to use cookies? Did you receive a flood of updated privacy policies from brands you are subscribed to? Have you noticed that companies that have recently been breached are giving out a lot more information about the event than they normally would? There is a reason for all of this, and it’s GDPR. What is GDPR? Born…

Understanding Gramm Leach Bliley (GLBA) Compliance and Personally Identifiable Information

by Benjamin Wright / December 22, 2022

What is the Gramm-Leach-Bliley Act? The Gramm-Leach-Bliley Act (GLBA) is a law that requires all financial institutions in the United States to safeguard their consumers’ sensitive data. GLBA applies to financial institutions such as organizations that offer financial or investment advice, provide consumer loans, or process consumer financial information. Regardless of the type of institution, under the Safeguards Rule, GLBA lays out four techniques that all financial institutions must follow in…

Advice for Making Legal Agreements via Electronic Communication

by Benjamin Wright / December 22, 2022

How Should I Make Legal Agreements via Electronic Communication? Electronic communications have become an integral component of conducting business in today’s society. Agreements and contracts are formed over email, text messages, and various other collaborative platforms such as Office 365 or Google Drive. Though hard copy paper contracts still exist, digital contracts offer more accessibility, the ability to track changes, and a way to collaborate via electronic communication. Digital…