Who’s Enforcing GDPR?

by Sarah Harvey / December 16, 2022

The Information Commissioner's Office (ICO) enforces the GDPR as of May 25, 2018. There’s no doubt that GDPR has brought its fair share of challenges into the world of data privacy. GDPR was specifically designed to impact businesses across the globe, not just European Union Member States. Its ultimate goal, though, is to reduce regulatory differences in order to make data protection laws more consistent and make businesses more transparent.…

How to Scope a HITRUST Engagement

by Sarah Harvey / June 14, 2023

One of the most frequent questions that our Information Security Specialists are asked when engaging in a HITRUST CSF assessment with a client for the first time is, “What is the purpose of narrowing the scope of the engagement?” This is a great question and the answer is simple: everything that you do in a HITRUST CSF assessment is about your scope. The larger your scope is, the more complex…

HITRUST Scoping 101

by Sarah Harvey / December 16, 2022

What is the Most Important Thing I Need to Know about HITRUST Scoping? Are you in the process of preparing for a HITRUST CSF assessment? Do you need more information about how to properly scope your engagement? In this webinar, Shannon Lane, an Information Security Specialist at KirkpatrickPrice, will cover all things related to HITRUST CSF scoping, such as how HITRUST expects you to scope your engagement, what boundaries you…

Components of a Quality Penetration Test

by Sarah Harvey / December 16, 2022

How do you ensure you’ve identified security vulnerabilities before a hacker has? In today’s threat landscape, it’s crucial for organizations to take cybersecurity seriously and create a prevention strategy. We know that organizations today face extremely threatening cybersecurity risks. We know you need validation of your security methods. We know you need someone to uncover the risks and security vulnerabilities that you don’t know about. That’s why we offer quality…

Privacy Policies Built for GDPR Compliance

by Sarah Harvey / December 16, 2022

Updating Your Privacy Policy for GPDR Compliance Privacy policies are critical to GDPR compliance efforts, as this statement or notice explains how an organization handles personal data. We know that in order to comply with GDPR, a privacy policy should be concise and written in clear, plain language. However, in the weeks since GDPR became enforceable, many privacy policies are not meeting these requirements. This may be due to organizations…