What Your MSP Should Know About HIPAA Compliance

Apr 8, 2021 Continuum GRC 0 Comment

Dreamstime image for resiliency. Visualize 2025 GRC strategies.

The complexity of healthcare service demands robust technical infrastructure. Advances in patient treatment, research, diagnostic tools and even predictive analytics and AI have pushed technologies available to healthcare providers, which means that these organizations turn to expert providers to give them new tools and features to revolutionize their patient care models. This increased reliance on Cloud Service Providers (CSPs) or a Managed Service Providers (MSP) means that these organizations must rely on HIPAA-compliant technologies, which means counting on HIPAA-compliant vendors to provide them.

Here, we discuss why HIPAA compliance is so important to MSPs, and why MSPs must not only be compliant but work with security experts and compliant partners as part of their operations.

How to Prepare for the Upcoming PCI DSS 4 Update

Mar 31, 2021 Continuum GRC 0 Comment

Featured PCI DSS 4 compliance. Continuum's 2025 updates for payment security.

The Payment Card Industry Data Security Standard is a voluntary security framework to help protect customers and merchants against the theft of credit card data during POS transactions. Like many other compliance frameworks, PCI DSS has continually evolved over the years to match new technologies and new threats to the privacy of consumers shopping online and off. As of 2021, the PCI Security Standards Council has announced the newest version of PCI DSS, version 4.0.

While the official documentation for the updated standard has, as of March 2021, not been released, many merchants and banks are preparing for the transition. Here are some basics into PCI DSS and the move to version 4 coming Summer 2021.

How Does CMMC Compliance Impact Small and Mid-Sized Businesses?

Mar 31, 2021 Continuum GRC 0 Comment

Featured CMMC security. Continuum GRC's 2025 defense cybersecurity.

The Department of Defense has made a significant push to improve the security of its cyberinfrastructure and supply chain (known as the Defense Industrial Base), and the result of this push is the Cybersecurity Maturity model Certification (CMMC) initiative. This framework uses existing security guidelines to provide an overview of necessary security requirements for federal contractors working with the DoD.

This framework isn’t just for large corporations. Many DoD agencies work with small and mid-sized businesses to leverage flexible cloud platforms, SaaS technology, or other IT services. That’s why it is just as important for SMBs to consider the impact of CMMC on their business now and over the next 5 years.