Cybersecurity compliance program

The Cybersecurity Maturity Model Certification (CMMC), version 2.0, is on pace to be finalized sooner than expected. That means Department of Defense (DoD)...

Back in August, HITRUST began supporting the security requirements of the Trusted Exchange Framework and Common Agreement (TEFCA) program. The TEFCA Recognized Coordinating...

With the alphabet soup you see every day that is the myriad of industry regulations your organization must contend with; it could be...

There are plenty of industry-related regulations your company must follow, and one of them is likely the HITRUST Common Security Framework (CSF). However,...

It is official – 10 percent of U.S. states have data privacy legislation on the books.    About a month ago, Connecticut joined California, Virginia,...

NIST is known for its intense Cybersecurity Framework, but it also has a reputation for providing collaboration between its programs. This includes the...

Startups often operate in regulatory grey areas, with many founders preferring to execute now and ask for forgiveness from regulators later. However, growing...

In late March, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) reported four new HIPAA enforcement actions after...

At the end of March, the Payment Card Industry Security Standards Council (PCI SSC) published version 4.0 of its PCI Data Security Standard...

The most recent American Institute of CPAs (AICPA) System and Organization Controls 2 (SOC2) guide was released in January 2018, but it is...