HIPAA and the Use of Online Tracking for Marketing Purposes

HIPAA and web tracking featured

Due to some recent actions against online medical providers like BetterHealth and GoodRX, the Department of Health and Human Services has released a new warning for covered entities regarding the tracking methods they use on their websites. 

While web tracking has become a typical technology for most businesses, it’s not a cut-and-dry proposition for healthcare providers who have to maintain patient privacy. 


Read More

CPAs and CISAs: Choosing the Right SOC 2 Auditor

SOC 2 Auditor featured

In today’s ever-evolving digital landscape, our central concern revolves around safeguarding data security and privacy. As businesses increasingly depend on cloud services and third-party vendors to manage their data, it becomes crucial to ensure these service providers adhere to stringent security standards. 

A prominent standard in this domain is the Service Organization Control 2, or SOC 2, a framework developed by the American Institute of Certified Public Accountants (AICPA). SOC 2 evaluates and reports on the controls at service organizations that directly impact customer data.

In this discussion, we delve into SOC 2 assessors and the essential factors to consider when selecting one.


Read More

What Is Advanced Encryption Standard (AES), and How Is it Related to NIST?

Advanced Encryption Standard featured

Our digital age is rooted in the exchange of data, and therefore security of that data. Obfuscation, or encryption, has served as the backbone of that security for decades. As threats have evolved and attackers have found new and more sophisticated ways to break encryptions, it has been up to experts to provide solutions. In the year 2000, the solution was the Advanced Encryption Standard, or AES, which replaced aging encryption methods.


Read More