It’s ten p.m. on a weekend night. You’re relaxing at home when your phone rings. It’s your chief information security officer. Your company has experienced a security incident and panic starts to set in.

Many cloud service providers (CSPs) are not fully addressing the database scanning requirements for FedRAMP and have questions related to database security and FedRAMP. This article details the issues associated with not meeting the database scanning requirement, the most common reasons why this occurs, what can be done to improve this and what to consider with database security beyond scanning.

With a majority of business operations riding on the shoulders of technology today, the success of one requires the coordination of many. That means a lot of vendors are involved in the handling and care of your sensitive data. How can companies ensure that the volumes of vendors they work with are compliant with all industry regulations and are properly protecting their business data?

Security is vital to the healthcare industry. Thirteen percent of CIOs, CTOs and CSOs reported being targeted by external threat attempts almost once a day, and 12 percent reported about two or more attacks per week. Furthermore, 16 percent of healthcare organizations admitted they are unable to detect in real time if their systems are compromised.

As larger players in the healthcare industry like Anthem, Humana, and UnitedHealth Group begin to embrace the HITRUST Common Security Framework (CSF) in an attempt to manage the ever-evolving compliance landscape, the desire for HITRUST certification has increased exponentially. However, for many organizations the road to certification is a long one.

Even if you have the greatest product in the world, it won’t sell if no one knows about it. You’ve got to invest in the proper promotional channels to get the word out. The same principle applies to an organization’s compliance program.

Healthcare service providers are being told that they must begin their HITRUST Validated Assessment process soon, especially to meet the 2017 deadline for HITRUST Certification. The looming deadline and the lack of familiarity with the validation process are causing some fear. But have no fear! This article will provide guidance on the process and the necessary information needed to navigate the Validated Assessment process and obtain certification.

Promoting a culture of ethics and compliance is a fundamental component to the success of any organization. Although sometimes difficult to realize, the actual benefit of an ethics and compliance program exists in its ability to reinforce good decision making and ultimately steer us away from trouble. After all, just one mistake can leave you on the wrong side of the law, not to mention the financial drain and damage it can have on your company’s reputation. To create a culture that values ethics and compliance, we must realize a critical component: the buy-in. Simply put, everyone in the organization needs to be on board with the program.