Compliance Consulting

Compliance.  Sounds intimidating, but it doesn't have to be.  Businesses have a difficult time with compliance regulations because it means more work and many hours with auditors. Security professionals struggle with it it because it doesn't necessarily give you security. Well we have a solution for both. We will show you how to make your company secure and compliant. Best thing is, it's easy.

After we're done, your business will have a completed compliance package that you can showcase to auditors.  Make your next visit from auditors the most seamless visit ever.  Instead of making the next auditor visit a month long process, work with us and get your time back.

Healthcare data security is our expertise!  Stern Security actively participates in the North Carolina Healthcare Information & Communications Alliance (NCHICA) and our principle is the co-chair of the Privacy and Security Workgroup.  Stern Security is a regular presenter at the Academic Medical Center (AMC) Conference at the University of North Carolina in Chapel Hill.  Our team has a very deep understanding of HIPAA and its impact on the business.

Stern Security Healthcare Compliance Package includes:

  • Complete HIPAA Risk Analysis as required under HIPAA Part No. § 164.308(a)(1)(ii)(A)
  • HIPAA Security Rule Gap Analysis (45 C.F.R. §§ 164.302 – 318.)
  • OCR Privacy, Security, and Breach Notification Audit Program
  • Perform all security requirements needed for Meaningful Use attestations
    • Meaningful Use Stage 1 Core Measure #13 - Conduct a Risk Analysis
    • Meaningful Use Stage 2 Core Measure #9 - Conduct a Risk Analysis

 Stern Security Gramm–Leach–Bliley Act (GLBA) Compliance Package includes:

  • NCUA's security requirement to "identify reasonably foreseeable internal and external threats based upon the types systems and services provided."
  • GLBA Safeguards Rule - "Standards For Safeguarding Customer Information; Final Rule" 16 CFR Part 314
  • Complete Risk Assessment as required under the Financial Services Modernization Act of 1999
  • Third Party Due Diligence Reviews