4 Phases of a Compliance Management System (CMS)

by Sarah Harvey / June 14, 2023

According to the CFPB, a “robust and effective compliance management system” is a critical component of the structure of an organization. Best practices define a Compliance Management System (CMS) as a set of interrelated or interacting elements that organizations use to direct and control how compliance policies are implemented and compliance objectives are achieved. Since the CMS is essentially the foundation of your organization, let’s start from the bottom and…

Most Notable Findings from the 2015 CFPB Supervisory Highlights

by Sarah Harvey / December 16, 2022

The CFPB recently released their 2015 Supervisory Highlights noting their observations and findings during their recent supervisory examinations. These findings offer a lot of examples and learning opportunities that we should focus on in order to strengthen compliance at our own organizations. The first item that really stood out is with regard to consumer reporting. The CFPB found several occasions where dispute-handling obligations…

5 Topics to Include in Your Security Awareness Training Program

by Sarah Harvey / June 14, 2023

Regularly training your employees is a critical component of compliance and security in your organization. The risk of an employee not understanding the potential security threats facing them as a frontline target could be just the opening that an attacker needs to create a security breach. You are only as strong as your weakest link, so implementing a regular security awareness training program is crucial to ensure that you’re doing…

Medical Devices Can Lead to Data Breach at Healthcare Organization

by Sarah Harvey / December 16, 2022

The terms “data breach” and “healthcare organization” aren’t strangers in headlines as of late, but recent studies and investigations done by cybersecurity professionals in the industry have found that cyber hackers are beginning to use medical device vulnerabilities as an intrusion point into the entire organization’s network. It’s quite common for medical devices to run outdated, and thus vulnerable, software whose vulnerabilities are difficult to mitigate, putting millions at risk. Recent…

3 Reasons You Should Be Undergoing Regular Penetration Tests

by Sarah Harvey / December 16, 2022

Did you know you could avoid a costly data breach by having regular Penetration Testing and Vulnerability Scans? So why don't we? Every week we hear about an unforgiving hacker who has taken advantage of a security gap to maliciously gain access to tons of irretrievable data, costing the organization tons of money and ultimately damaging its reputation. Not to mention those affected by the stolen data -…