.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
Understanding the Difference Between HIPAA & HITRUST
by Mick Fitton on September 12, 2024 at 11:30 AM
When it comes to protecting sensitive health information, organizations must navigate a complex landscape of laws and frameworks designed to ensure data privacy and security. HIPAA, the Health Insurance Portability and Accountability Act, and HITRUST, the Health Information Trust Alli …
ISO 27001 vs. SOC 2: Discover the Differences
by Jerry Hughes on September 10, 2024 at 1:00 PM
ISO 27001 and SOC 2 are both essential frameworks for ensuring information security, but they are designed for different purposes and cater to several types of organizations. Understanding the answer to the question, “what is the difference between SOC 2 and ISO 27001?” is crucial for …
Penetration Testing Phases: Steps in the Process
by Jesse Roberts on September 6, 2024 at 1:00 PM
As cyber threats continue to grow in complexity and frequency, the need for regular penetration testing has become more critical than ever for organizations aiming to safeguard their sensitive data and systems. A well-executed penetration test follows a structured process designed to …
Exploring Rakuten Privacy and Data Collection Concerns
by Nicholas Foisy on September 6, 2024 at 11:22 AM
Rakuten is a popular platform for earning cashback on purchases, but like many online services, it comes with some privacy concerns. The platform collects and shares user data, which could raise questions for those who prioritize privacy. While the savings are appealing, it is importa …
Achieving SOC 2 Compliance for Artificial Intelligence (AI) Platforms
by Jerry Hughes on September 4, 2024 at 1:09 PM
Achieving SOC 2 compliance for Artificial Intelligence (AI) platforms is crucial for building trust with clients and stakeholders, especially as AI becomes increasingly integrated into critical business operations. SOC 2 compliance demonstrates that an AI platform has effective contro …
Cyber Incidents - Not if, but When (And When Just Happened)
by Brian Kelly on August 29, 2024 at 11:00 AM
For those of us in information security or cybersecurity, we have long said that it is not a matter of if but a matter of when you will be impacted by a breach or an incident. Over the last several weeks, we have seen when happening more frequently.