HIPAA vs. HITRUST CSF: Which One Should I Choose?

by Sarah Harvey / June 13, 2023

Stolen medical records, research, prototypes, prescriptions, devices – there are so many ways that healthcare organizations can be compromised. Each of these risks threaten patient care in a different way, but they could each lead to life-or-death consequences. That is why it’s so important that healthcare organizations undergo the right type of information security audit – to ensure that they are protected in every way that they can be. We’ve…

Combining PCI and HIPAA Audits

by Sarah Harvey / June 13, 2023

We get a lot of questions about PCI and HIPAA audits. There’s legislation and complicated requirements behind these frameworks, so what happens when your company is required to obtain both types of compliance? Are you able to consolidate both audits into one project? KirkpatrickPrice has developed the Online Audit Manager to make it easier to combine multiple audits into one project, including PCI and HIPAA. Let’s talk through why and…

Choosing Between SOC 2 and ISO 27001 Audits

by Sarah Harvey / June 13, 2023

So you’ve completed a SOC 2 audit, how prepared does that make you for an ISO 27001 audit? How do you know whether your organization needs a SOC 2 attestation or an ISO 27001 certification? For organizations working toward security compliance, deciding between these two audits depends on a few factors. While these audit frameworks are different in many ways, they also share some core similarities that make it difficult…

Creating Effective Network Diagrams and Data Flow Diagrams

by Sarah Harvey / August 21, 2023

The Importance of Network and Data Flow Diagrams Network diagrams and data flow diagram are called out in PCI Requirement 1; in fact, the PCI DSS puts so much weight on a good diagram that they include it in the first phase of the Prioritized Approach, which is the recommended method to remediate compliance gaps. But, PCI is not the only place where network and data flow diagrams are valid.…

Combining SOC 1 and PCI Audits

by Sarah Harvey / June 13, 2023

When a breach occurs in the financial services industry, it costs the compromised organization $210 per breached record – which is why we get a lot of questions about SOC 1 and PCI audits from organizations in the financial services industry. How can you protect your data from threats? Should your company complete both audits? Are you able to consolidate multiple audits into one project? KirkpatrickPrice has developed the Online…