2014: The Year of Updating Frameworks

by Sarah Harvey / December 16, 2022

As the world continues to be pressured with information security challenges, over the last 12 months, major compliance frameworks have recently been updated or are currently updating. In today's current climate, incidents and breaches are occurring more frequently, and at a much larger scale. With this in mind, many entities have realized these threats and are beginning to closely analyze the gaps in the current frameworks (HIPAA, ISO 27001:2013, FISMA/NIST…

Are you Ready for an Onsite Audit from the OCR?

by Sarah Harvey / June 13, 2023

Phase 2 of HIPAA Audit Program Expected in 2015 The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) has always enforced HIPAA compliance. Recently, they have announced plans to proceed with Phase 2 of the HIPAA audit program, a more proactive approach to overseeing HIPAA compliance. Supervision is coming. The OCR is determined to begin performing periodic audits to ensure that Covered Entities and Business Associates…

Vendor Compliance Management Series: Performing an Effective Risk Assessment

by Sarah Harvey / November 17, 2023

Vendors and Risk Assessments Are you looking to find out more about how to ensure that your organization is meeting vendor compliance management requirements? This webinar provides an overview of ways that you can ensure that your organization is performing an effective risk assessment. In this webinar, Joseph Kirkpatrick introduces and gives an overview of external guidance’s that may serve to be potentially useful for your organization to establish or…

Vendor Compliance Management Series: Where To Start?

by Sarah Harvey / November 20, 2023

What’s Changed? There needs to be a full chain of custody as the CFPB expects you to “oversee their business relationships with service providers in a manner that ensures compliance with Federal consumer financial law….” For example, if you have “any person (i.e. service provider) that provides a material service to a covered person (i.e. you) in connection with the offering or provision by such covered person of a consumer…

CFPB Readiness Series: Making Risk Assessment Work For You

by KirkpatrickPrice / November 20, 2023

Once you’ve determined that you need to undergo a CFPB audit, conducting a risk assessment enables you to find and address gaps before the audit begins. What is a Risk Assessment and Why Should I Care? A risk assessment is a systematic process of evaluating the potential risks that may be involved in a projected activity or undertaking. It involves evaluating operational, compliance, and reputational risks. Aside from being mandated…