Social Engineering is a low-tech method used for gaining access to resources whether they are physical, technical, monetary, or informational (e.g. trade secrets, confidential). Phishing is one example of Social Engineering What is Social Engineering? Social Engineering is the art and science of getting people… Continue Reading
As a Certified HITRUST Assessor and career healthcare compliance and security specialist, I was very pleased to see OCR’s April Cybersecurity newsletter highlighting the differentiation between a HIPAA RISK Analysis and a HIPAA GAP Analysis. The confusion or lack of true understanding around the difference in these two… Continue Reading
As the GDPR enforcement date is upon us, many companies are shifting into panic mode trying to really understand not only what the GDPR means to their company operationally, but also where their true risk lies. How do they evaluate that risk? How do they… Continue Reading
How does the GDPR compare to IKEA? Well they’re both European for starters, and while IKEA is #trendy, GDPR is #trending. With the work I’ve done with clients utilizing our consulting services for GDPR support (which is primarily serving as liaison between the client and… Continue Reading
“It was the best of times it was the…” No really – it was great! What an exciting opportunity we had at CompliancePoint last week as we hosted our workshop in Atlanta, “Navigating the GDPR.” As described at the event our goal was more interactive… Continue Reading
HITRUST addresses challenges within Healthcare As the most widely adopted framework within the healthcare industry, the Health Information Trust Alliance (HITRUST) was created to provide a certifiable standard for health information systems and exchanges that create, access, process, store or exchange protected health information… Continue Reading
HITRUST certification can support compliance with many other healthcare related regulations. Currently there are many regulatory obligations placed on healthcare security and privacy officers. The need to comply with a multitude of standards, laws, and regulations can be daunting. There are synergies and overlaps,… Continue Reading
How adhering to PCI-DSS principles could have prevented a data breach The series of breaches recently publicly disclosed by Equifax could have been prevented by following PCI DSS guidelines. PCI DSS is an internationally accepted standard of controls which, when applied at the most basic levels,… Continue Reading
When does the GDPR apply to US based companies? There has been much buzz circulating about the upcoming General Data Protection Regulation (GDPR). Yet, many organizations are still trying to figure out how it will actually apply to their business. This is particularly true for… Continue Reading
A common misunderstanding many organizations and IT professionals have is thinking that cardholder data is limited to the Primary Account Number (PAN) and the (Card Verification Value) CVV codes found on the card. However, this is not the case. Watch the short video below to… Continue Reading
Copyright © 2018 CompliancePoint, Inc. All Rights Reserved | Privacy Statements | 
Subscribe to RSS Feed
Follow us on YouTube
Follow Customer Engagement on Twitter
Follow us on LinkedIn
RSS Feed Signup