Posts by Dan Schroeder
Information Assurance Services for Healthcare IT Companies
HIPAA’s Security Rule requires healthcare IT companies to maintain reasonable and appropriate administrative, technical, and physical safeguards for Identifying and protecting e-PHI against anticipated threats to the security, integrity and unauthorized disclosure of the information. Today’s most publicized cybersecurity threats include: Phishing Attacks Social Engineering Ransomware Remote worker endpoint security DDoS attacks Poor software patch…
Read MoreLearn How to Adopt a Stress-Free PCI Compliance Process
At a glance: The main takeaway: For many payment facilitators, the PCI compliance process is notoriously stressful and often inefficient, leading to constant fire drills that disrupt business operations. Impact on your business: By viewing PCI compliance as an iterative process and adopting a more methodical approach, you can eliminate unnecessary headaches and better protect…
Read MoreCosts and Consequences of Healthcare Data Breach
Hackers have proven that there is no boundary they will not cross. They will even hold hostage data that impacts human life. “If your data can be monetized, be assured that it is a target,” shares Aprio’s Dan Schroeder in a recent data security and compliance webinar. In this 3 and ½ minute clip, he…
Read MoreRightsizing HIPAA Compliance for Business Stage
HIPAA, SOC II, HITRUST… If you work with healthcare entities you need compliance, but what is the appropriate level? Watch this 3 ½ min video clip as our HIPAA Assurance Lead, Dan Schroeder, breaks down four options: HIPAA Compliance Attestation SOC II HITRUST SOC II + HITRUST Report
Read MoreHealthcare IT and HIPAA Compliance: Choosing the Right Level Information Risk Management
Compliance with HIPAA and the growing list of privacy and security standards is essential to the growth of Healthcare IT companies. You know that you need to make HIPAA compliance and information risk management a high priority, but how do you choose the right level of risk management and compliance for your company? Determining the…
Read MoreNot All SOC 2 Reports are Created Equal
Information security in and of itself is incredibly complex. And the framework for SOC 2 examination and reporting is equally complicated. So, it’s not surprising that often neither customer nor service organization understand the difference between a good SOC 2 report and a bad one. The quality and utility of SOC 2 is in the…
Read More
