Penetration Testing in Support of HIPAA Compliance

by Sarah Harvey / December 16, 2022

According to the Department of Health and Human Services Office for Civil Rights’ “wall of shame,” data breaches and security incidents have impacted more than 450,000 individuals so far this year. With no solution or end to the pervasive threat landscape in sight, this begs the question: what more could the healthcare industry do to protect their patients’ PHI, provide quality healthcare services, and ensure that their security posture remains…

SOC 2 vs. ISO 27001: Which Audit Do You Need?

by Sarah Harvey / June 14, 2023

SOC 2 and ISO 27001 audits are similar in intention; they both help organizations protect the data that they are responsible for. How are they different, though, and which one meets your organization’s needs? What is a SOC 2 Audit? A SOC 2 audit evaluates internal controls, policies, and procedures that directly relate to the AICPA’s Trust Services Criteria. This means that a SOC 2 audit report focuses on a…

Privacy vs. Security: What’s the Difference?

by Sarah Harvey / February 20, 2023

Privacy and security are terms that are often believed to be synonymous, but they’re actually quite different. Understanding what that difference is plays a key role in ensuring that your organization maintains a strong security posture, while also performing your due diligence to protect your customers’ sensitive data. In this webinar, our Director of Regulatory Compliance, Mark Hinely, discusses the differences between privacy and security, why understanding the difference matters,…

The Dangers of End-of-Support Operating Systems

by Sarah Harvey / June 14, 2023

Computer hardware and software is not built to last forever. End-of-support operating systems are one of the most common vulnerabilities discovered on enterprise networks. Why? Typically, it’s for one of two reasons. First, the organization could just lack a refresh of technology. But, end-of-support vulnerabilities could also occur because organizations need legacy software that will only function on an older operating system. Here's some end of support guidance for common…

Why Would Someone Want to Compromise Medical Data?

by Sarah Harvey / December 16, 2022

Imagine if you could search someone’s name on Google, and their full span of medical data and complete medical history was available. An employer could do it, a potential date could do it, an estranged family member could do it – how scary would that be? There’s debate about how much the average piece of medical data is worth, but trust us, it adds up. The many facets of the…