For when compliance is more than just a check in the box

The regulatory environment has never been more complex. Companies doing business in the United States must contend with a patchwork of federal legislation and regulatory bodies, state legislation and attorneys general, industry self-regulation, and private contractual requirements. Now, many organizations that interact with European citizens in person or online also have to contend with the impending EU General Data Protection Regulation (GDPR), which becomes enforceable in May 2018 and carries penalties of up to 4% of worldwide revenue. Regardless of industry, organizations must have a well-defined yet agile program to become compliant with data security regulations and standards.

How we help

Our team includes former government employees with deep regulatory experience who operate comfortably at the intersection of law and technology. We can help your organization ensure compliance with existing policies and with almost any industry regulation. Start with a privacy impact assessment or jump straight to a gap assessment or full-scale audit and let us help you answer the questions your organization should be asking before, during, and after a cyber-attack.

Find out more about how we can put our insights to work for you:

  • Privacy impact assessment
  • Health Insurance Portability and Accountability Act (HIPAA) gap assessment
  • Health Information Trust Alliance (HITRUST) gap assessment
  • Payment Card Industry Data Security Standard (PCI DSS) compliance solutions
  • European Union General Data Protection Regulation (GDPR) compliance solutions
  • New York Department of Financial Services (NYDFS) Cybersecurity Requirements for Financial Institutions compliance solutions
  • Gramm-Leach-Bliley Act (GLBA) compliance solutions
  • North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) compliance solutions
  • Federal Information Security Management Act (FISMA) compliance solutions
  • American Bar Association Formal Opinion 477 on Securing Communication of Protected Client Information solutions
  • International Organization for Standardization 27001 (ISO 27001) compliance solutions
  • Sarbanes-Oxley Act (SOX) compliance solutions
  • Family Educational Rights and Privacy Act (FERPA) compliance solutions