SOC 2: The Ultimate Guide
Overview: SOC 2 was created by the American Institute of Certified Public Accountants (AICPA), a professional organization for certified public accountants in the United States.
SOC (Service Organization Control) audit reports are used to assess the security and control of a service provider’s system and the services they provide to
ISO 27001 is an international standard for implementing an enterprise-wide Information Security Management System (ISMS), an organized approach to maintaining confidentiality, integrity and availability (CIA) in an organization.
This blog article explains the ISO 27001 certification process and best practices for implementation.
Overview: The General Data Protection Regulation (GDPR) was introduced by the European Union (EU) to regulate the processing of personal data and to harmonize data
The HITRUST CSF is a framework that normalizes security and privacy requirements for organizations, including federal legislation (e.g., HIPAA), federal agency rules and guidance (e.g., NIST), state legislation (e.g., California Consumer Privacy Act), international regulation and industry frameworks.
According to HHS, any individual or entity that performs functions or activities on behalf of a covered entity that requires the business associate to access PHI is considered a business associate.
The Security Rule operationalizes the protections contained in the Privacy Rule by addressing the technical and non-technical safeguards that organizations called “covered entities” must put in place to secure individuals’ “electronic protected health information” (e-PHI).
Quick overview of the main differences between HIPAA and SOC 2 compliance frameworks.