How to Write a Privacy Policy

by Sarah Harvey / October 4, 2023

The Importance of Privacy Policies in Today’s Data-Centric Landscape It’s no secret that data is now the most valuable asset worldwide. With nearly all organizations relying on some form of data to fuel their business, consumers and policy makers have started highlighting the need to be more transparent about how they collect, use, store, and transmit data, starting with their privacy policies. Because consumers have become more interested in how…

Coronavirus Hits Healthcare’s Cyber Readiness

by Sarah Harvey / December 16, 2022

Healthcare organizations all around the world are fighting the coronavirus pandemic, but they are fighting more than just the virus. While the healthcare industry is focused on public health and patient care, hackers are taking this opportunity to target them with all types of cyber attacks. Has the lack of cyber readiness finally caught up to the healthcare industry? Is it taking a global pandemic for healthcare organizations to face…

Privacy Concerns During the Coronavirus

by Sarah Harvey / December 16, 2022

How does privacy law come into play when a pandemic hits? Do the rules change? How do business associates and covered entities know when and where they can share PHI related to the pandemic? Let’s discuss so that you know the impact to your organization. HIPAA Privacy Rule and Pandemics The HHS recently released a memo that explains how the HIPAA Privacy Rule balances protection of PHI with protection of…

Combining PCI and HIPAA Audits

by Sarah Harvey / June 13, 2023

We get a lot of questions about PCI and HIPAA audits. There’s legislation and complicated requirements behind these frameworks, so what happens when your company is required to obtain both types of compliance? Are you able to consolidate both audits into one project? KirkpatrickPrice has developed the Online Audit Manager to make it easier to combine multiple audits into one project, including PCI and HIPAA. Let’s talk through why and…

Choosing Between SOC 2 and ISO 27001 Audits

by Sarah Harvey / June 13, 2023

So you’ve completed a SOC 2 audit, how prepared does that make you for an ISO 27001 audit? How do you know whether your organization needs a SOC 2 attestation or an ISO 27001 certification? For organizations working toward security compliance, deciding between these two audits depends on a few factors. While these audit frameworks are different in many ways, they also share some core similarities that make it difficult…