Road to HIPAA Compliance: Using the NIST Cybersecurity Framework to Protect PHI

by KirkpatrickPrice / December 19, 2022

The NIST Cybersecurity Framework: A Common Language for Cybersecurity Issues The cybersecurity realm is overwhelming – the issues, the regulations, the changes, the threats, the persistence. We’re living in a world where we hear about new breaches every day. None of us can possibly know everything about all cybersecurity issues, and that’s okay. We’re all vulnerable and overwhelmed, but that’s no excuse not to prepare and continually develop your organization’s…

What is an SSAE 18 (SOC 1) Type II Audit Report?

by Sarah Harvey / April 12, 2023

Harvest Strategy Group, Inc. recently completed its 5th annual SSAE 18 SOC I Type II audit in order to reinforce its industry leadership position in regulatory compliance through an extensive evaluation and audit of the internal controls and processes of its vendors and recovery partners. Headquartered in Denver, Colorado, Harvest Strategy Group, Inc. provides comprehensive accounts receivables management services to a variety of creditors, including banks, auto finance lenders, credit…

PCI Readiness Series: PCI Requirement 12

by KirkpatrickPrice / December 19, 2022

PCI Requirement 12: Maintaining an Information Security Policy When creating an information security policy, an organization must create a policy that addresses information security for all personnel. Let’s emphasize “all” – this policy is not just for the IT department but is for anyone that would/could be involved in some capacity with storing, processing, and transmitting cardholder data. PCI Requirement 12 helps oversee and govern an organization's PCI DSS compliance…

Road to HIPAA Compliance: Incident Response

by KirkpatrickPrice / December 19, 2022

Security, Incident, Response, Repeat There are several challenges when it comes to understanding security incidents and incident response. Our goal for this webinar is to answer several questions that occur while considering your organization’s incident response plan and creating policies and procedures to accompany your plan.  How would you define “security incident” for a practical, real-world setting? The regulatory definition of a “security incident” includes the access, use, disclosure,…

Overcoming Security Challenges at your Data Center

by Sarah Harvey / June 15, 2023

Information security has become a topic that is at the forefront of every business owner’s mind. With the influx of information stored in a data center, it’s becoming increasingly important that data centers take the right steps towards ensuring that they have the proper controls in place to provide secure and efficient services to their clients. Let's explore the challenges of data center security and look at ways we can…