How Do I Get Compliant with Information Security Laws and Regulations?
Any organization that handles sensitive information—whether personal information, critical infrastructure systems, financial information, intellectual property or sensitive government information—is subject to laws and regulations for protecting that information.
The common requirement of HIPAA, Meaningful Use, Massachusetts CMR 17.00, FISMA, CIP, PCI DSS or Gramm Leach Bliley is that each organization must select their controls on the basis of a risk assessment and must oversee the effectiveness of those controls using risk management.
HALOCK can assist organizations in understanding the laws and regulations that they must follow to protect information and guide them through the compliance process including the risk assessment and risk management process.
HALOCK provides compliance services for the following requirements:
- PCI DSS
- PCI PA-DSS
- HIPAA Security Rule and Meaningful Use
- Massachusetts 201 CMR 17.00 and state breach laws
- Gramm Leach Bliley
- NERC CIP
- ISO 27001
- Many others, including requirements placed on organizations for reducing risks after data breaches occur.
If you handle sensitive information and are subject to laws and regulations for protecting that information, contact HALOCK today to discuss our compliance services and programs.