.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
HIPAA Compliance and Audit Controls - What You Need to Know
by Geoff Yeagley on February 22, 2017 at 4:45 AM
If you have read the news lately on healthcare and specifically HIPAA, you probably saw references to a recent HIPAA settlement between Memorial Health Systems of Florida and the Department of Health and Human Services (HHS). I’m sure the amount of the settlement caught your attention …
5 Quick Tips To Help With Information Security
by Geoff Yeagley on November 29, 2016 at 1:30 PM
Information Security is a moving target. Once you "think" that you have it figured out, boom, here comes another new threat to knock you back on your heels and question just how strong your Information Security program is. That's the bad news. The good news is that we are going to giv …
IT GRC - Compliance
by Geoff Yeagley on August 2, 2016 at 11:34 AM
Over the past week we have been discussing an overview of IT Governance, Risk, and Compliance as well as diving into each of the components that make up this program. Today we are going to talk about the final piece of the IT GRC puzzle: Compliance.
Critical Security Control 19: The Incident Response Plan
by Geoff Yeagley on May 17, 2016 at 12:16 PM
In the world of Information Security, we have all heard of the Center for Internet Security Top 20 Critical Security Controls (CSC's) which is formerly known as the SANS Top 20. This is a list of the 20 IT Security Controls that an organization can implement to strengthen their IT Sec …
PCI Compliance - PCI DSS 3.2 By the Numbers
by Geoff Yeagley on April 26, 2016 at 10:00 AM
PCI DSS 3.2 is coming and that means some changes for Merchants and Service Providers and the steps that they take to mitigate their risk of a breach involving credit and debit cards. While change is inevitable, change can still be difficult,especially when you are talking about all o …
The HIPAA Risk Assessment - Who Needs One and When?
by Geoff Yeagley on March 9, 2016 at 10:30 AM
Healthcare breaches are nothing new, in fact they have become quite common in the news on a weekly basis. As an example of this, a Central Florida Oncology provider recently announced that it suffered a data breach at the hands of a hacker, resulting in the compromise of the personal …