by
Sarah Harvey / December 19, 2022
Who must be HIPAA Compliant, and how can they prepare? If you are just beginning to learn about HIPAA, you may be wondering, "Who must be HIPAA Compliant?" Up until 2009, the answer was simple: Covered Entities. But when the Health Information Technology for Economic and Clinical Health (HITECH) Act passed, it expanded the oversight of the Office for Civil Rights (OCR) to Business Associates. The HITECH Act was passed…
by
KirkpatrickPrice / December 19, 2022
What HIPAA Means for Covered Entities and Business Associates What is HIPAA? How does HIPAA apply to my business and what must I do to ensure I’m HIPAA compliant? Watch as our HIPAA Expert, Stephanie Rodrigue, walks us through the ins and outs of HIPAA and protecting ePHI for covered entities and business associates. Stephanie Rodrigue Explains HIPAA's Impact on Covered Entities & Business Associates What is HIPAA? HIPAA refers…
by
Sarah Harvey / December 19, 2022
SOC 1 vs. SOC 2 Reports: What's the Difference? As a service organization, you are familiar with audit requests from clients who are required to meet specific compliance and audit requirements, and you have most likely been asked whether your organization is SOC 1 compliant or SOC 2 compliant. We often get asked: What are the differences between a SOC 1 vs. SOC 2 audit? Which SOC report should you…
by
Sarah Harvey / February 5, 2024
It’s no secret that the PCI Data Security Standard is one of the most robust information security standards that exists. With approximately 400 controls, understanding all of the ins and outs of the standard can cause quite the headache without the proper resources and expertise. When selecting a third party Qualified Security Assessor (QSA) to perform your PCI audit, we recommend choosing an auditor that can help with readiness as…
by
Sarah Harvey / February 7, 2023
Which Trust Services Criteria Do I Need to Include in my SOC 2 Audit? Once you’ve determined you are ready to pursue a SOC 2 audit report, the first thing you have to decide is which of the five Trust Services Principles (recently updated to Trust Services Criteria) you want to include in your SOC 2 audit report. SOC 2 reports can address one or more of the following categories:…
