Accelerate the CMMC Certification Process

The Defense Department’s new high-profile cybersecurity regulations, CMMC, is on schedule for implementation this year. The CMMC Certification is part of the Defense Department’s push to protect industrial base networks and controlled unclassified information from cyber¬attacks. The CMMC rules will require contractors to be certified by third-party auditors, which will ensure that companies adhere to specific standards. Organizations will be required to meet different security requirements depending on the type of work they are doing, with level 1 being the lightest and level 5 the most stringent.

Read More

FedRAMP or FISMA – What’s the Difference

FedRAMP and FISMA

Government compliance standards can seem like a veritable alphabet soup. Making matters worse, many of them, like FedRAMP and FISMA seem to overlap, and many organizations aren’t sure which rules are mandatory to do business. With the rise of cloud computing, there has been an increased emphasis within the government to transition to commercial cloud services. It is mandated within the government to move to cloud-based services if they are available to meet the mission need of the federal agency.

Two standards that seem to cause the most questions are FISMA and FedRAMP.

Read More

HIPAA Compliance and Telehealth

HIPAA Compliance and Telehealth

One of the many changes brought by the COVID-19 pandemic may be the permanent expansion of telehealth. According to a recent study, the US telehealth market is expected to witness an 80% year-over-year growth in 2020. Numerous video communications services exist, not all provide sufficient privacy and security to facilitate the provision of health care (and HIPAA compliance). While the Office for Civil Rights (OCR) of the United States Department of Health and Human Services (HHS), the division charged with enforcing HIPAA, has provided some flexibility during the pandemic, at some point, it is reasonable to assume that OCR will again raise standards.

Read More