What is compliance? Some of you might be acutely aware of this term, and others might have little to no idea. In broad terms, business compliance means following the rules required to secure your business and the people that interact with it. More specifically, compliance is aimed at information security. Business Compliance means you are complying with requirements by a credible organization or government department that promotes the security and protection of sensitive information.
What Happens if I Don’t Follow These Rules?
Becoming and staying compliant is a must! Being compliant grants you access to resources that your business needs, and it promotes a trustworthy reputation. Some compliances are required while others are strongly recommended. Not being compliant can deny you access to the resources or critical tools that are needed to perform key functions of your business as well as subject you to fines and loss of reputation. For example, with HIPAA you have access to client medical records. You will receive serious penalties if you don’t meet compliance requirements. You could be fined up to $50,000 per violation, and you may receive criminal charges!
How Do I Become Compliant?
If you use technology and the internet to perform critical business functions, you have information that needs to be protected. This can include passwords, personal information about your employees and patrons, or credit card numbers. There are similarities in the requirements to meet compliance across the board that are usually gathered from industry standard recommended best practices. For example: put a firewall between your network and the internet. Make sure it is configured to only allow traffic in or out from devices that should have access. However, each compliance has its own process to request, achieve, and maintain compliance. Next week we will take a deeper look at these top four compliances. If you are reading this, you are likely subject to adhering to one or more of these regulatory requirements. Are you compliant?
- CJIS Compliance (Criminal Justice Information Services)
- PCI Compliance (PCI Security Standards Council)
- FFIEC Compliance (Federal Financial Institutions Examination Council)
- HIPAA Compliance (Health Insurance Portability and Accountability Act)
Give us a call If you’ve heard enough already, and you’re ready to talk further about your specific compliance requirements. We can discuss a plan to identify your critical business functions, perform a security review, and help you implement the policies, procedures and configurations that meet your compliance requirements. We can even start looking at working on your business continuity planning. These steps all work together to ensure that your business gains the benefits of compliance.
Your UniVista Team
*Celebrating 20 Years of Customer Satisfaction*