7 Deadly Sins of a HITRUST CSF Assessment

by Shannon Lane / October 11, 2023

 7 Deadly Sins of HITRUST At KirkpatrickPrice, we’ve worked with clients of all sizes – from startups to enterprise-level organizations. By working with so many organizations of varying sizes and industries, we’ve been able to identify seven primary pitfalls that make for a challenging audit environment, all of which represent initial difficulties that often lead to a failed or very drawn out HITRUST validated assessment attempts. In recognizing how significant…

What is Cybersecurity?

by Shannon Lane / October 11, 2023

What is cybersecurity, and why does it matter? The answer boils down to this: it’s a commitment to ensuring that the trust placed in your business by your clientele is warranted, understood, and treated as the precious commodity it is. It is a commitment to the understanding that you will do everything in your power to protect your clients from those who would do them harm, and that you will…

GDPR Fundamentals: Data Security Requirements

by Mark Hinely / October 11, 2023

 Appropriate Data Security Controls While GDPR is primarily a data privacy law, it also includes elements of data security. But of course, GDPR is ambiguous so it’s not very prescriptive when it comes to data security requirements for processing personal data. The law requires each organization to evaluate its own data security based on risk, processing activities, and its organizational structure. By putting this in the hands of the…

GDPR Fundamentals: Data Protection Officers

by Mark Hinely / April 5, 2023

 Most organizations who are required to comply with GDPR will have a Data Protection Officer (DPO). The requirement to have a DPO applies if you are a public authority, if your regular activities require large-scale and systematic monitoring, or if your core activities consist of large-scale processing of special categories of data. Qualifications of a Data Protection Officer When hiring a DPO, GDPR specifies that the individual must have…

Business Continuity and Disaster Recovery: How to Avoid a Crash Landing

by Randy Bartels / June 14, 2023

I Piloted an Emergency Landing, and So Can You It can be easy to put business continuity and disaster recovery planning on the back burner if your organization has never been affected by a disaster. But what would happen if a power outage, tornado, or data breach hit your organization and you didn’t have any plan in place? Disaster strikes when you’re least expecting it. It’s critical that you ensure…