What Will Be in My HIPAA Compliance Report? The 4 Main Components to a HIPAA Compliance Report

by Sarah Harvey / December 22, 2022

You’ve partnered with a third party, you’ve properly scoped your environment, you’ve conducted a HIPAA Risk Analysis, you’ve remedied any non-compliant findings, you’ve worked with your auditor, you’ve completed your HIPAA audit, and now you’re finally receiving your HIPAA compliance report. Congratulations! So, what’s actually included in a HIPAA compliance report? Here are the 4 main components of a HIPAA compliance report: The 4 Main Components to a…

Episode 1 – Who is HITRUST & What is the HITRUST CSF?

by Joseph Kirkpatrick / December 22, 2022

Have you been asked by a top client to become HITRUST CSF certified? Are you looking for a better way to demonstrate compliance with HIPAA laws? What exactly is HITRUST and how does it apply to your organization? KirkpatrickPrice is an approved HITRUST CSF Assessor, prepared to help Business Associates understand who HITRUST is, what the HITRUST CSF is, and how you can apply HITRUST CSF certification to your organization.…

Navigating the HITRUST CSF

by Sarah Harvey / February 20, 2023

In this webinar, Jessie Skibbe discusses one of the most important steps in the certification journey: scoping. She will cover how to scope your environment for a HITRUST CSF assessment and how to define the risk factors related to your scope. Scoping is the very first step in your certification journey. Before you even contact an assessor, you must determine what your scope is. The controls of the HITRUST…

5 Deadly Information Security Mistakes to Avoid

by Sarah Harvey / June 15, 2023

Learning to swim ahead of the latest threats in information security is important for avoiding a devastating run-in with a malicious attacker. So, we’ve compiled some exclusive advice from our expert security professionals that dispels common misconceptions about information security by outlining some of the deadliest information security mistakes your organization must avoid. Protect your sensitive assets and prevent a data breach from happening at your organization by avoiding these…

PCI Requirement 3.7 – Security Policies & Operational Procedures

by Randy Bartels / December 22, 2022

PCI Requirement 3 states, “Protect stored cardholder data.” We’ve discussed encryption, truncation, masking, and hashing – all methods that can be used to protect cardholder data. We’ve talked about dual control, split knowledge, rendering data unreadable, key-custodians, PAN, sensitive authentication data – all elements that need to be understood in order to fully protect and store cardholder data. But it’s not enough just to learn and talk about these things;…