Road to HIPAA Compliance: Risk Analysis and Risk Management

by KirkpatrickPrice / January 27th, 2016

Risk Management for HIPAA Compliance. Continuing down the Road to HIPAA Compliance, we will discuss what a risk assessment is, what that looks like according to HIPAA requirements, and how to analyze and manage risk. What is a Risk Assessment? Why should you care about risk assessments? You must protect your assets, and to do that, we believe you need a formalized risk assessment. A risk assessment is a systematic process…

Third-Party Payment Processors: Risk and Regulation

by KirkpatrickPrice / January 7th, 2016

Are you looking to learn about compliance risk and the importance of having effective compliance management systems? Are you unsure about what regulations apply to payment processing and need to review the regulatory landscape? Are you looking to learn about enforcement actions brought against banks and payment processors and what it could mean for you and your organization? This webinar educates listeners with an overview of third-party payment processors (TPPP),…

5 Steps to Mastering a Risk Assessment

by Sarah Harvey / February 3rd, 2015

Performing a Risk Assessment is a critical component of any Information Security Program. It’s mandated by several frameworks (SSAE 16, SOC 2, PCI DSS, ISO 27001, HIPAA, FISMA). In order to comply with those frameworks, your organization has to complete a risk assessment, and then assess and address the risks by implementing security controls. The Risk Assessment process is a constantly moving and evolving process for an organization. So, where…

CFPB Readiness Series: Making Risk Assessment Work For You

by KirkpatrickPrice / March 24th, 2014

Once you’ve determined that you need to undergo a CFPB audit, conducting a risk assessment enables you to find and address gaps before the audit begins. What is a Risk Assessment and Why Should I Care? A risk assessment is a systematic process of evaluating the potential risks that may be involved in a projected activity or undertaking. It involves evaluating operational, compliance, and reputational risks. Aside from being mandated…