Schellman is a leading provider of attestation and compliance services. We are the only company in the world that is a CPA firm, a globally licensed PCI Qualified Security Assessor, an ISO Certification Body, HITRUST CSF Assessor, a FedRAMP 3PAO, and most recently, an APEC Accountability Agent. Renowned for expertise tempered by practical experience, Schellman's professionals provide superior client service balanced by steadfast independence. Our approach builds successful, long-term relationships and allows our clients to achieve multiple compliance objectives through a single third-party assessor.
By:
Schellman
February 11th, 2025
TAMPA, Fla. – Schellman, a leading provider of attestation and compliance services and a top 50 CPA firm, is proud to announce the appointment of Preeya Voss as its new Chief Revenue Officer. Voss brings nearly two decades of experience in SaaS and services revenue leadership, with a proven track record of driving transformative growth across diverse industries and customer segments.
Education | Artificial Intelligence
By:
Schellman
February 10th, 2025
*Disclaimer: This article was written using a translated copy of the South Korea AI Basic Act* After the European Union paved the way for creating a legal framework for artificial intelligence (AI) in early 2024, many wondered what government or jurisdiction would follow. The year continued with discussions on how to best implement AI governance and debates on where the line stands between sufficient governance and proper opportunity for creativity in the technology industry. Fast forward a couple of months, as the world prepared to welcome in the new year those questions were finally answered. In late December 2024, South Korea stepped forward proposing their own legislation regarding AI. By January 21, 2025, they became the second entity to propose AI regulation with the passing of the AI Basic Act. To address the obvious next question of when these regulations will be enforced, the enforcement date stands as January 22, 2026, giving organizations roughly a year to prepare. It’s also worth noting that this act contains six sections with 43 articles, and we've outlined the key points below.
By:
Schellman
January 23rd, 2025
As the overarching regulation for healthcare data in the United States, the Health Insurance Portability and Accountability Act has helped secure what is considered personally identifiable information (PII) and its transfer/disclosure within the sector. Under HIPAA, providers and their business associates (BAs) must meet the law’s requirements, including the administrative safeguards within its Security Rule.
By:
Schellman
December 11th, 2024
TAMPA, Fla.--(BUSINESS WIRE)-- Schellman & Company, LLC, a leading provider of attestation and compliance services and top 50 CPA firm, is pleased to announce the carve-out acquisition of the Third-Party Risk Management (TPRM) practice from Connor Consulting. This deal marks another significant milestone in Schellman’s strategic growth through acquisitions and its dedication to delivering tailored, independent compliance and governance assessments.
By:
Schellman
December 3rd, 2024
Consider this—you’re going on an epic trip to Peru to see Machu Picchu. You have plans for incredible food, hikes, and photos, and then someone offers an extra ziplining excursion while you’re in the country. You’ve already paid so much for what will already be an amazing trip, so do you really need to make the extra investment?
By:
Schellman
November 12th, 2024
TAMPA, Fla. – November 12, 2024 – Schellman Compliance, a leading provider of compliance services, is pleased to announce the successful acquisition of Sustas, LLC practice, a firm specializing in sustainability reporting services. As part of the transaction, Sustas’s clients and personnel will join Schellman, further strengthening the firm’s ability to deliver tailored, industry-leading sustainability compliance, consulting, and assurance solutions.
By:
Schellman
October 16th, 2024
When the COVID-19 pandemic spread across the globe in 2020, the need for social distancing and isolation impacted the availability of in-person, non-emergency healthcare appointments. As a result, telehealth became a common way for healthcare providers to serve their patients without seeing them in-person, and with its rise came related HIPAA compliance concerns.
By:
Schellman
October 9th, 2024
These days, with recent ransomware attacks disrupting healthcare providers and affecting millions of Americans, it’s become painfully clear that cybersecurity in this sector is no longer just an IT issue—it’s a patient safety issue, and the stakes are higher than ever. The proposed Health Infrastructure Security and Accountability Act of 2024 (HISAA), spearheaded by Senators Ron Wyden and Mark Warner, aims to address these vulnerabilities head-on.