Understanding the Audit Types for Debt Collectors and Collection Agencies

by Sarah Harvey / June 14, 2023

How SOC 1, SOC 2, PCI and FISMA Apply to Debt Collection

If you’re performing collections, you’re no stranger to regulatory compliance and the proactive supervision of government agencies such as the Federal Trade Commission (FTC), Consumer Financial Protection Bureau (CFPB), and the Office for Civil Rights (OCR). It’s also critical to consider how you’re protecting consumer data and understand what information security audits are available and will best fit…

Overcoming Security Challenges at your Data Center

by Sarah Harvey / June 15, 2023

Information security has become a topic that is at the forefront of every business owner’s mind. With the influx of information stored in a data center, it’s becoming increasingly important that data centers take the right steps towards ensuring that they have the proper controls in place to provide secure and efficient services to their clients. Let's explore the challenges of data center security and look at ways we can…

5 Ways to Prepare for a Phase 2 HIPAA Audit

by Sarah Harvey / June 13, 2023

Have you received a questionnaire from the OCR regarding Phase 2 of the HIPAA audit program? Are you uncertain about how to prepare for the possibility that you will be selected for an audit? The Office for Civil Rights (OCR) has begun sending out address verification letters and collecting information on potential covered entities and business associates who may be selected for a Phase 2 HIPAA Audit. The pressure is finally on,…

A HITRUST CSF Audit Can Take the Guesswork out of HIPAA Compliance Assessments

by Sarah Harvey / June 14, 2023

Are you looking for a healthcare compliance audit solution? Has someone asked your organization to demonstrate that you are HIPAA certified? Are you confused by what “HIPAA certified” even means? KirkpatrickPrice offers SOC 2 audits with a HITRUST CSF (common security framework) component designed to take the confusion and guesswork out of HIPAA compliance assessments. The difference between SOC 2 vs. HIPAA is that they are audits over two different…

Gone Phishin’: A fake account of real events – Understanding the Risk of Ransomware

by Sarah Harvey / June 14, 2023

Just an ordinary day in the IT Department

Molly walked into the IT department at the regional hospital where she’s worked for the last four years. Some mornings are more hectic than others. She could tell it was going to be “one of those days” as the help desk buzzed with activity – users locked out, systems down, Internet outages – but today, these conversations seemed a bit more…