Covered Entities and Business Associates under HIPAA Compliance
The Department of Health and Human Services (HHS) has issued the HIPAA Omnibus Final Rule in January 2013. The rule’s security and privacy implications lie in its strengthening of regulatory protections for patient information and increasing fines for HIPAA violations. HHS has taken a series of steps to strengthen patient [...]
Benefits and Applicability of SOC 2 Reports
Third party organisations that successfully complete a SOC 2 audit can offer their clients reasonable assurance that an independent reviewer has assessed their controls that relate to operations and compliance; and they meet the criteria prescribed by AICPA for the five TSCs. The report helps to prioritise risks in order [...]
Enhanced SOC 2 Reports
Enhanced SOC 2 reports are highly flexible tools that can incorporate multiple frameworks and industry standards into third-party assurance reporting. For Outsourced Service Providers (OSP’s), the benefits are even more significant. Consider that these businesses must often respond annually to hundreds of individual audit requests, customer questionnaires, and requests for [...]
SOC Reporting options
When considering the broad spectrum of services provided by outsourced service providers in today’s marketplace, some service types lend themselves clearly to one SOC reporting option over another. To best understand the reporting options, it’s important to consider the intended use and audience in each case. There are three SOC [...]
Secure Your Apps with E Com Mobile App Security Testing Checklist
Like all software, mobile apps often contain vulnerabilities (introduced by errors in design or implementation or by malicious intent) that can expose a user, a mobile device and its data or enterprise services or its data to attacks. Any one of many simple errors that a developer can make potentially [...]