SOC 2 Reporting Update: 2017 Trust Services Criteria

by Sarah Harvey / December 20, 2022

SOC 2 Compliance: Reporting Changes

You may have recently noticed some changes in SOC 2 reporting, like the inclusion of an internal control framework and a change from “Trust Services Principles” to “Trust Services Criteria.” Why the changes? The AICPA’s Assurance Services Executive Committee (ASEC) recently issued a SOC 2 reporting update that includes a new set of 2017 Trust Services Criteria, which will provide integration with the 2013 COSO…

Enforcement Trends: Lessons from the HIPAA Privacy Rule

by Sarah Harvey / December 20, 2022

Enforcement of the HIPAA Privacy Rule

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) enforces the HIPAA Privacy Rule. Enforcement trends are the most direct way that the OCR can tell us what they’re looking at and where. In the most recent enforcement results, the OCR reports that it has received over 171,161 complaints since the HIPAA Privacy Rule took effect in 2003. These complaints…

How Does the HIPAA Privacy Rule Affect Your Practice?

by Sarah Harvey / December 15, 2022

Many business associates and covered entities are already overwhelmed with responsibilities, so it can be a struggle to find the staff and resources to dedicate to managing strict regulatory demands. In our highly data-driven world, ensuring the privacy of customer data, specifically protected health information (PHI) and patient data, is becoming a top priority of organizations worldwide. In the world of healthcare, the HIPAA Privacy Rule exists to aid business…

Top Cybersecurity Trends for 2018

by Sarah Harvey / June 14, 2023

It’s the beginning of a new year, and everyone wants to know what cybersecurity trends to look out for in 2018. 2017 left a lot of destruction in its wake from cybersecurity attacks and high-profile breaches. And while we can’t 100% say what is to come, we’ve compiled a few cybersecurity predictions based on what we do know. Here are five of the top cybersecurity trends for 2018: Five Cybersecurity…

PCI Requirement 9.1.2 – Implement Physical and/or Logical Controls to Restrict Access to Publicly Accessible Network Jacks

by Randy Bartels / May 31, 2023

Controls for Publicly Accessible Network Jacks

To ensure that visitors cannot exploit network jacks, PCI Requirement 9.1.2 requires that organizations implement physical controls and/or implement logical controls that restrict access to publicly accessible network jacks. The PCI DSS also explains, “Restricting access to network jacks will prevent malicious individuals from plugging into readily available network jacks and gain access into internal network resources. Whether logical or physical controls, or a…