What Software Companies Looking to Develop for the Healthcare Industry Need to Know

Software Companies Looking to Develop for the Healthcare Industry

The healthcare field presents several different opportunities for software companies, including data analytics, automated patient communications, telemedicine and transportation scheduling, to name a few. However, healthcare is also one of the most heavily regulated industries. In 2019 alone, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) investigated 29,853 […]

Make PCI Compliance Easier; Automate PCI DSS Requirement 11.2

Automate PCI DSS Requirement 11.2

One of the key tenets of a good cybersecurity program is using security in layers and including automated tools to assess defense status. Automated tools are the only way to deal with the huge variety of network infrastructure components involved in our modern information environments. For example, the Payment Card Industry Data Security Standard (PCI […]

Am I Ready for a PCI ROC?

We recently answered the question, “How do I know if I have to be PCI compliant?” That post is a good way for those new to the Payment Card Industry (PCI) world to learn some of the basics. Now, we answer the question, “Am I ready for a PCI ROC?” by going more in depth […]

First HIPAA Risk Assessment? Here’s How to Be Prepared

Introduction to HIPAA Risk Assessments

The Health Insurance Portability and Accountability Act (HIPAA) mandates industry-wide standards for the protection and confidential handling of protected health information (PHI). This legislation outlines how companies store, manage, retain, and/or transmit this data. One important exercise organizations subject to HIPAA are expected to complete is a risk analysis. It can be a challenging effort […]

Do I Have to Be PCI Compliant?

How Do I Know if I Have to Be PCI Compliant?

The Payment Card Industry Data Security Standard (PCI DSS) is designed to help organizations protect their customers’ credit and debit card data. Businesses are held accountable for PCI compliance and must pay heavy fines if they don’t meet the standards. This article offers basic PCI DSS information to help you answer the question, “Do I […]

Does HIPAA Apply to Me?

A common question we hear when we mention Avertium’s compliance expertise is, “Does HIPAA Apply to Me?” Due to nuances in the requirements, it’s a fair question. In this post, we describe how your organization can determine whether or not you are required to adhere to the HIPAA regulations for privacy and security of protected […]

PCI DSS Business as Usual: The Pandemic Proved Why Businesses Should Adhere

PCI DSS Business as Usual

The PCI DSS standards are designed to ensure that companies processing, transmitting or storing customer credit card information or companies that can affect the security of that information are protecting this data appropriately. The process for becoming PCI certified includes passing a yearly audit during which security controls are evaluated. For many years that meant […]

10 Ways Using SIEM Technology Can Automate Fulfilling HIPAA Regulations

Using SIEM Technology Can Automate Fulfilling HIPAA Regulations

Any organization that transmits health information electronically, including health plans, healthcare clearinghouses, healthcare providers, and a covered entity’s business associates, must comply with the Health Insurance Portability and Accountability Act (HIPAA). Yet one of the top problems these organizations face is failure to properly safeguard electronic protected health information (ePHI). One of the greatest […]

3 Things for HIPAA Compliance When Returning to Normal Operations

HIPAA Compliance When Returning to Normal Operations

As workplaces begin to re-open, organizations are looking to return their employees to their office work environments. The Health Insurance Portability and Accountability Act (HIPAA) stipulates that employees are responsible for protecting the privacy of protected health information (PHI) at all times. This means employers must continually review and modify their security measures to ensure […]

Complying with HIPAA Encryption Standards; What You Need to Know

Complying with HIPAA Encryption Standards

The Yes or No Question: Have you encrypted your ePHI data at rest and in transit? Have you encrypted your electronic protected health information (ePHI) data at rest (being stored in persistent storage) and in transit (flowing from one point to another, whether it be over the internet or a private network)? If your […]