BLOG STACK
seal_ok
seal_ok seal_ok seal_ok
seal_ok seal_ok seal_ok
seal_ok seal_ok seal_ok
seal_ok seal_ok
seal_ok seal_ok seal_ok seal_ok seal_ok seal_ok
seal_ok seal_ok seal_ok seal_ok seal_ok seal_ok
HIPAA

HIPAA

HIPAA, short for Health Insurance Portability and Accountability Act, which was passed by United States congress in 1996, is a legislation that entails the protection of health information. It provides national standards for healthcare information and transactions, and minimizes healthcare fraud. For more information, check this page.

ISO 27001

ISO 27001

ISO/IEC 27001 is the most popular standard in the 2700 family, which involves the security of information assets. This standard provides requirements for an ISMS, short for information security management system, by using a process of risk management. For more information, check this page.

PCI-DSS

PCI DSS

PCI DSS, which stands for Payment Card Industry Data Security Standards, it helps create a worldwide standard for companies that accept or work with major credit cards providers to ensure security. It wishes to provide a list of policies, standard implementations and technologies. For more information, check this page.

AICPA SOC-1

SOC-1

SOC-1, the Service Organization Controls Report, previously known as SSAE, the Statement on Standards for Attestation Engagements, is a report that sets the standards for an audit of a user entity’s financial statements. Basically, it says what you need to show as a user entity, in financial terms (a financial transaction per se), in case of a service control. For more information, check this page.

AICPA SOC-2

SOC-2

Just as SOC-1, SOC-2 focuses on information reports and statements. It is based on the Trust Service Principles, and It is concerned with the data security behind transactions, and the privacy of the user entity doing the said transaction. This report concerns SaaS companies, which handle customers’ information. For more information, check this page.

AICPA SOC-3

SOC-3

The SOC-3 report entails the same things as SOC-2. The main difference is that it is destined for a wider audience and can be distributed freely. It is also based on the Trust Service Principles, which are security, availability, processing integrity, confidentiality and privacy. For more information, check this page.