Compliance Framework Reviews

The number and scope of compliance regulations continue to increase. Nearly every public and private organization now has to consider whether its business is required to comply with them. Many of the newly published regulations pertain to cybersecurity. Their primary intent is to provide baseline system and data security standards: security-based guidelines for both information technology systems and the data stored on them.

Therefore, organizations must keep pace with these changes and ensure that their systems and procedures comply with the regulations. Whether you’re maintaining compliance or establishing it for the first time, our team is here to guide you every step of the way.

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law that established national standards to protect sensitive patient health information from being disclosed without the patient’s consent or knowledge.

The US Department of Health and Human Services (HHS) issued the HIPAA Privacy Rule to implement the requirements of HIPAA. The HIPAA Security Rule protects a subset of information covered by the Privacy Rule.

The Payment Card Industry Data Security Standard (PCI-DSS) sets the technical and operational requirements for organizations that accept or process payment transactions, and for the software developers and manufacturers of the applications and devices used in those transactions.

The Gramm-Leach-Bliley Act (GLBA) requires financial institutions – companies that offer consumers financial products or services like loans, financial or investment advice, or insurance – to explain their information-sharing practices to their customers and to safeguard sensitive data.

ISO/IEC 27001, the most widely known of the more than a dozen standards in the ISO/IEC 27000 family, specifies the requirements for an information security management system (ISMS). Using these standards enables organizations of any kind to manage the security of assets such as financial information, intellectual property, employee details, and information entrusted to them by third parties.

The California Consumer Privacy Act (CCPA) gives consumers more control over the personal information that businesses collect about them, and the CCPA regulations provide guidance on how to implement the law.

The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information from individuals who live in the European Union (EU).
