Bernard Gallagher

Bernard Gallagher is the Senior Vice President at Compass Assurance Team, with over 30 years of expertise in IT security, compliance, and auditing. He has guided organizations across industries such as financial services, healthcare, and technology, helping them meet SOC 1, SOC 2, HIPAA, and HITRUST compliance standards while strengthening their security postures. As a compliance leader, Bernard has extensive experience with SOC 1, SOC 2, HIPAA, HITRUST, and Sarbanes-Oxley requirements, as well as IT security assessments, privacy audits, and enterprise risk management. He has also served as a Virtual Compliance Officer (VCO), helping organizations enhance their security posture and achieve regulatory compliance efficiently. His technical expertise spans network and application security, data encryption, disaster recovery, business continuity, and forensic analysis. With a Bachelor of Science from Drexel University, an MBA in IT Management, and certifications like CISSP and PMP, Bernard combines leadership and expertise to help clients achieve compliance and long-term success.

Posts by Bernard Gallagher

Top Security Tools to Simplify Your SOC 2 Compliance Journey

Navigating the complexities of SOC 2 compliance can be a daunting task for businesses, especially when they need to establish secure, reliable, and repeatable processes. A comprehensive SOC 2 audit focuses on five key Trust Service Criteria: security, availability, processing integrit …

SOC 2 for Healthcare: A Complement to HIPAA Compliance

In today’s digital healthcare landscape, protecting sensitive patient data is a top priority. Healthcare providers are tasked with safeguarding information in compliance with rigorous regulations such as the Health Insurance Portability and Accountability Act (HIPAA). However, achievi …

FinTech Security: How SOC 2 Drives Investor & Client Trust

In the world of financial technology (FinTech), trust is a currency as valuable as money. As startups and established firms alike strive to innovate, they must also prioritize protecting sensitive financial data. For FinTech companies, achieving SOC 2 attestation is more than a compli …

Aligning Zero Trust Principles with SOC 2 Trust Service Criteria

Achieving SOC 2 compliance requires organizations to implement rigorous security controls, and adopting a Zero Trust approach can significantly enhance this effort. Zero Trust is built on the principle of “never trust, always verify”, ensuring that access to systems, data, and applica …

When SOC 2 Compliance Makes Sense

In today’s business landscape, security and trust are paramount. SOC 2 compliance has become a widely recognized standard for demonstrating a commitment to protecting sensitive data and maintaining robust security practices. Whether you’re working with enterprise clients, handling cri …

SAS 145 and IT General Controls: What Organizations Need to Know

The release of SAS 145 (Statement on Auditing Standards No. 145) represents a significant shift in how auditors evaluate and respond to the risks of material misstatements, particularly in complex IT environments. As IT General Controls (ITGCs) underpin key financial processes and rep …
