Our Thoughts On

Sort by



Articles 51 - 60 of 61

SOC 2 Reports Meet Certification Program Requirements for Access to the Death Master File

On June 1, 2016, the National Technical Information Service (NTIS) issued the final rule for how entities receiving the Limited Access Death Master File
Steve Earley | 3.24.2016

SOC 2 Privacy: Are You Ready for the Changes?

Following up to an article we posted last July regarding changes to the American Institute of Certified Public Accountants (AICPA) Trust Services Principles

Healthcare Organizations Can Implement the NIST Cybersecurity Framework with HITRUST

Healthcare organizations face growing challenges in regards to protecting their patient information. Recent studies found that the healthcare sector had

Efficiency in Reporting: SOC2 Plus HITRUST

HIPAA, ISO, and COBIT, oh my! Companies that create, access, store or exchange personal health and financial information are beginning to feel a never-ending
Register to receive our weekly newsletter with our most recent columns and insights.
Frank Dezort | 1.21.2016

Standard SOC 2 Report Not Meeting Client Needs?

Upon distribution of your SOC 2 report, do you find that many clients are requesting additional subject matter related to your services or requesting that
Bill Deller | 12.28.2015

Office for Civil Rights/University of Washington Medicine's $750,000 HIPAA Settlement

Covered Entities are defined in the HIPAA rules as a) health care providers who transmit any health information electronically in connection with transactions,
Carley Taslov | 8.26.2015

Disclosure Form Changes: Know Before You Owe

Effective October 3, 2015, the Consumer Financial Protection Bureau (CFPB) will combine two sets of existing disclosures under the Real Estate Settlement
Audit, SOC
Scott Walton | 8.5.2015

2015 AICPA SOC School

The American Institute of Certified Public Accountants (AICPA) Service Organization Control (SOC) School - Advanced Guidance for Successful Engagements
Register to receive our weekly newsletter with our most recent columns and insights.

ASEC Issues Exposure Draft to Revise TSP Section 100, Trust Services Principles and Criteria for SOC 2 Reports

On June 15, the Assurance Services Executive Committee (ASEC) of the American Institute of CPAs (AICPA) issued an exposure draft proposing revisions to

Do Companies that Handle Personal Health Information Require a Service Organization Control (SOC) Report?

The superficial answer is no. Companies that store, process or collect protected health information (PHI) electronically or in paper form are not required
Register to receive our weekly newsletter with our most recent columns and insights.

This site uses cookies to ensure that we give you the best user experience. Cookies assist in navigation, analyzing traffic and in our marketing efforts as described in our Privacy Policy.