Cyber Security and Regulatory Compliance Expert

Charles Denyer is a member of NDB, a nationally recognized firm specializing in Regulation AB, Service Organization Control (SOC) reporting (SSAE 16, AT 101, Trust Services Principles | TSP), ISAE 3402, FISMA, FIPS, CMSR | SSP, GLBA, FFIEC, NIST SP 800, HIPAA, ISO and PCI DSS compliance, along with many other regulatory compliance initiatives. He is also actively involved in numerous professional associations and organizations for a wide range of industries and business sectors, such as the American Nuclear Society (ANS), ISACA, and the Cloud Security Alliance (CSA), just to name a few.

Additionally, Charles holds numerous accounting and technology certifications along with a Master's in Information and Telecommunication Systems from the Johns Hopkins University and a Master's in Nuclear Engineering from the University of Tennessee at Knoxville. His expertise includes information security, cybersecurity, national security and homeland defense, and he conducts independent research projects on specific subject matter for various entities.

NDB offers comprehensive HIPAA security compliance audits and assessments for Alabama Covered Entities (CE) and Business Associates (BA) seeking to comply with the federally mandated Health Insurance Portability and Accountability Act. With the pronouncement of the Final Omnibus Rulings in January 2013, HIPAA now has very strong enforcement powers that translate into increased fines and penalties for non-compliance. It’s more important than ever to start putting in place documented HIPAA information security and operational policies, procedures, and other relevant initiatives.

As for becoming compliant with HIPAA, most organizations look to the Security Rule safeguards, which consist of the following three (3) specific areas:

  • 164.308 Administrative Safeguards
  • 164.310 Physical Safeguards
  • 164.312 Technical Safeguards

Additionally, both Covered Entities (CE) and Business Associates (BA) also need to gain a strong understanding and overall awareness of the HIPAA Privacy Rule and Breach Notification provisions, as they’re also critically important for ensuring compliance mandates are being met. And much like the HIPAA Security Rule provisions, both the Privacy Rule and Breach Notification initiatives require numerous documented policies, procedures, and processes to be in place.  Learn more about NDB's HIPAA expertise and the complimentary HIPAA Policy Packets we provide to our clients.

More specifically, the Privacy Rule discusses various issues regarding the “Uses and Disclosure” of Protected Health Information (PHI), along with Individual Rights, Administrative Requirements, and General Safeguards and Best Practices. As for the Breach Notification provisions for HIPAA, there have been significant changes. What’s important to note about “breaches” in the context of HIPAA, specifically in accordance with the final omnibus ruling in January 2013, is the following:

  • The final omnibus ruling effectively modified the “Breach Notification Rule” of 2009.
  • It clarifies the definition of what a “breach” is.
  • It puts new risk assessment requirements into place, requiring documentation of such practices and consideration of the following four (4) factors:
    • The nature and extent of the protected health information involved, including the types of identifiers and the likelihood of re-identification.
    • The unauthorized person who used the protected health information or to whom the disclosure was made.
    • Whether the protected health information was actually acquired or viewed.
    • The extent to which the risk to the protected health information has been mitigated.

In summary, HIPAA compliance can be a daunting and challenging task, all the more reason to work with proven and trusted compliance experts offering high-quality, comprehensive HIPAA security compliance audits and assessments for Alabama Covered Entities (CE) and Business Associates (BA). Call and speak with NDB’s HIPAA expert Charles Denyer at 1-800-277-5415, ext. 705, or contact him by email. Additionally, learn more about NDB's HIPAA expertise and the complimentary HIPAA Policy Packets we provide to our clients.

HIPAA Compliance Services

 


Contact NDB today for high-quality, industry leading HIPAA security compliance audits and assessments for Atlanta, GA businesses. Recent changes and modifications to the Health Insurance Portability and Accountability Act have now given HIPAA enormous regulatory compliance enforcement and power, thus it’s time to get serious – once and for all – about putting in place much needed information security and operational specific policies, procedures, and processes.  Learn more about NDB's HIPAA expertise and the complimentary HIPAA Policy Packets we provide to our clients.

Both Covered Entities (CE) and Business Associates (BA) are now under the microscope for HIPAA compliance more than ever before, largely as a result of the Final Omnibus Ruling put forth in January 2013, which significantly increased scope, awareness, and accountability for various provisions of the Health Insurance Portability and Accountability Act. Additionally, Georgia healthcare providers also need to consider what initiatives are in place for security awareness training for all employees and workforce members.

As for becoming compliant with HIPAA, most organizations look to the Security Rule safeguards, which consist of the following three (3) specific areas:

  • 164.308 Administrative Safeguards
  • 164.310 Physical Safeguards
  • 164.312 Technical Safeguards

Because many of these Security Rule Safeguards were authored years ago, it takes a true HIPAA expert not only to understand their intent and meaning, but also to align them with today’s best practices for information security. Call HIPAA expert Charles Denyer today at 1-800-277-5415, ext. 705, or email him to learn more.

HIPAA compliance is here to stay, so trust the proven experts at NDB with our high-quality, cost-effective HIPAA security compliance audits and assessments for Atlanta, GA businesses. Ensuring the safety and security of Protected Health Information (PHI) is now more important than ever, so call NDB’s HIPAA expert Charles Denyer today at 1-800-277-5415, ext. 705, or email him to learn more. Learn more about NDB's HIPAA expertise and the complimentary HIPAA Policy Packets we provide to our clients.

HIPAA Compliance Services

 


Contact NDB today for comprehensive HIPAA security compliance audits and assessments for Texas businesses. Changes and modifications to the Health Insurance Portability and Accountability Act have now given HIPAA serious regulatory compliance enforcement and power, so it’s time to get serious about putting in place much needed information security and operational specific policies, procedures, and processes. Both Covered Entities (CE) and Business Associates (BA) are now under the microscope for HIPAA compliance more than ever before, due in large part to the Final Omnibus Ruling put forth in January, 2013 that significantly increased scope, awareness, and accountability for various provisions of the Health Insurance Portability and Accountability Act.  Learn more about NDB's HIPAA expertise and the complimentary HIPAA Policy Packets we provide to our clients.

Being compliant with HIPAA can be a daunting and challenging task, especially when one looks at the sheer size and complexities of the regulations, yet all that’s needed are the proven and trusted healthcare experts from NDB, so call our HIPAA expert, Charles Denyer, at 214-298-8532, or email him today. Additionally, when organizations talk of “HIPAA compliance”, it is often the Security Rule “Safeguards” to which they are referring, which are the following:

  • 164.308 Administrative Safeguards
  • 164.310 Physical Safeguards
  • 164.312 Technical Safeguards

Additionally, the Breach Notification provisions, along with numerous Privacy Rule provisions are also in consideration for both Covered Entities (CE) and Business Associates (BA) concerning HIPAA compliance. Once again, like most regulatory compliance mandates being put forth, it all comes down to having documented information security and operational policies, procedures, and processes in place, so call the experts today at NDB and speak with Charles Denyer at 214-298-8532. NDB has been helping clients all throughout the Lone Star state regarding HIPAA compliance, and we can assist you also. From much needed HIPAA specific information security policies, HIPAA security awareness training – and more – Texas businesses can turn to the trusted experts at NDB.  Learn more about NDB's HIPAA expertise and the complimentary HIPAA Policy Packets we provide to our clients.

 HIPAA Compliance Services


If you’re looking for EI3PA auditors & assessors with years of Experian consulting services, and who offer fixed fee assessment pricing, then call the nationwide experts at NDB today. Speak with one of North America’s longest licensed PCI-QSAs, Charles Denyer, at 1-800-277-5415, ext. 705 today, or via email.

Experian’s EI3PA compliance requirements call for having numerous information security and operational specific policies, procedures, and processes in place, which can be a challenging task for many organizations. Yet what separates NDB’s EI3PA services from those of other firms is the comprehensive EI3PA policy packet each organization receives at the onset of an engagement. More specifically, you’ll receive a set of information security and operational specific policies and procedures that map directly to each of the twelve (12) requirements put forth by the EI3PA standards, which are essentially identical to the PCI DSS framework, with just a few exceptions. Please remember that having comprehensive security and operational documentation in place is often one of the biggest challenges for EI3PA compliance, and NDB more than understands this critical issue.

Saving time and money while obtaining EI3PA certification is why organizations all across North America choose NDB. Speak with one of North America’s longest licensed PCI-QSAs, Charles Denyer, at 1-800-277-5415, ext. 705 today, or via email, to learn more about our EI3PA auditing expertise.

Additionally, if your business also has to undertake SOC 1, SOC 2, or HIPAA compliance, NDB can often merge the audit deliverables into one seamless assessment, creating efficiencies and significant cost savings. Regulatory compliance is continuing to grow, so now’s the time to work with a proven and trusted firm with years of EI3PA expertise. The time for becoming EI3PA compliant is now, and the firm that offers competitive, fixed fees, along with providing a comprehensive policy packet, is NDB. NDB also offers numerous other professional services, so give us a call today to learn more.  Learn more about NDB's EI3PA expertise and the complimentary EI3PA Policy Packets we provide to our clients.

 EI3PA Compliance and Certification Services


Experian EI3PA compliance certification services are offered from NDB, one of North America’s leading providers of regulatory compliance assessment services for credit agencies. If you store, process, and/or transmit sensitive Experian provided data, then an EI3PA audit may come calling. Being compliant with EI3PA means having a number of documented information security and operational specific policies, procedures, and processes in place. NDB has years of experience in performing EI3PA compliance certification assessments, so call and speak directly with PCI-QSA Charles Denyer today at 1-800-277-5415, ext. 705, or contact him by email.

It’s also important to note that EI3PA assessments are essentially modeled after the PCI DSS standards, which means you need to have a Payment Card Industry Qualified Security Assessor (PCI-QSA) perform such an engagement, so call and speak with PCI-QSA Charles Denyer today at 1-800-277-5415, ext. 705, or contact him by email. Additionally, a large part of achieving EI3PA compliance is dependent upon having documented policies and procedures in place, which NDB provides as part of every engagement. Learn more about NDB's EI3PA expertise and the complimentary EI3PA Policy Packets we provide to our clients.

Experian provided data is often that of Personally Identifiable Information (PII), highly sensitive and confidential data that, if compromised, could be disastrous for consumers, and it’s why EI3PA assessments have grown significantly in recent years. Talk to the experts at NDB today and receive a competitive fixed fee for your Experian EI3PA compliance & certification needs. With twelve (12) mandated “Requirements”, consisting of approximately 275 criteria, the EI3PA compliance roadmap can be a challenging aspect for many organizations, so call the experts today at NDB by speaking directly with PCI-QSA Charles Denyer.

Undertaking an Experian EI3PA assessment is no different than many of today’s emerging regulatory compliance mandates – policies and procedures are needed, auditors ask for comprehensive documentation, reports are written and issued, and compliance is achieved. Turn to the experts for Experian EI3PA compliance certification: that’s NDB. Learn more about NDB's EI3PA expertise and the complimentary EI3PA Policy Packets we provide to our clients.

NDB also offers numerous other compliance services, such as SOC 1, SOC 2, SOC 3, HIPAA, NIST, and ISO compliance services. As one of North America’s leading providers of EI3PA compliance, the experts at NDB are here to help you every step of the way.

 EI3PA Compliance and Certification Services


NDB offers EI3PA Audit Services as required by Experian for any entity that stores, processes, and/or transmits sensitive and confidential consumer data, much of it known in the broader context as “Personally Identifiable Information” (PII). An EI3PA assessment must be conducted by a designated Payment Card Industry Qualified Security Assessor (PCI-QSA), so call and speak directly with one of North America’s longest licensed QSAs, Charles Denyer of NDB, at 1-800-277-5415, ext. 705, or via email. While it’s true that the EI3PA assessment mandates essentially mirror those of the PCI DSS standards, there are a few differences that organizations need to be aware of. Additionally, when Experian requests an actual EI3PA assessment on companies, they usually provide a detailed description of the sensitive and confidential consumer data that’s considered in-scope. Learn more about NDB's EI3PA expertise and the complimentary EI3PA Policy Packets we provide to our clients.

NDB also provides critical information security policy and procedure templates as part of every EI3PA engagement, and that’s because a large part of the assessment process itself is highly dependent upon having documented security and organizational policies in place. Additionally, NDB also offers penetration testing and vulnerability scanning services for ensuring all aspects of EI3PA compliance are met. Cost-effective, comprehensive, and high-quality EI3PA services – that’s the NDB difference. Call Charles Denyer of NDB, at 1-800-277-5415, ext. 705, or via email.

Experian has put together a comprehensive internal compliance department, one that closely monitors all service providers who “touch” privileged consumer information. If you’re considering working with Experian by accessing such data, it’s highly likely that an EI3PA assessment is soon on its way. Learn more about NDB's EI3PA expertise and the complimentary EI3PA Policy Packets we provide to our clients.

Wherever you are located, from New York to Los Angeles, Miami to Seattle, or anywhere else, NDB provides comprehensive, high-quality EI3PA audit services & credit information security consulting services for today’s demanding businesses. Give us a call today to discuss your needs. NDB also offers numerous other regulatory compliance services, such as SSAE 16 SOC 1, SOC 2, SOC 3, HIPAA, PCI DSS compliance, and more.

EI3PA Compliance and Certification Services

 


NDB provides SOC 2 audits and compliance assessments for today’s growing Austin, TX business community. From Software as a Service (SaaS) entities, to data centers and software developers – and more – Austin, TX is alive with technology focused entities, many requiring compliance audits. Call NDB, the Lone Star State experts for SOC 1, SOC 2, PCI DSS, and HIPAA compliance. With years of providing businesses with high-quality and cost-effective services, NDB can help chart the ever-increasing regulatory compliance landscape, so call Chris Nickell today at 1-800-277-5415, ext. 706, or contact him by email. Learn more about NDB's SOC 2 expertise and the complimentary SOC 2 Policy Packets we provide to our clients.

Technology companies that handle material outsourcing functions for other organizations – which in the world of SOC 2 audits are known as “service organizations” – are being required now more than ever to undertake annual SOC 2 audits. The solution is finding a nationally recognized, competitively priced CPA firm for assisting with all your reporting needs, and that’s NDB. Call Chris Nickell today at 1-800-277-5415, ext. 706, or email him, and get an open, honest discussion on SOC 2 audits.

Along with offering SOC 2 audits, NDB also offers the following comprehensive regulatory compliance services:

  • SOC 1 SSAE 16 reporting
  • Payment Card Industry Data Security Standards (PCI DSS) certification
  • HIPAA and HITECH compliance
  • NIST and FISMA consulting services
  • FERC, NERC, CIP compliance
  • Security awareness training
  • Risk management services
  • And much more

Call the SOC 2 audit experts today at NDB and receive a competitively priced, fixed fee proposal for all your regulatory compliance. NDB has been a fixture in the Lone Star state for years now, so turn to your in-state experts for today’s demanding and challenging compliance mandates. Call Chris Nickell, CPA, today at 1-800-277-5415, ext. 706, or email him, and get an open, honest discussion on SOC 2 audits. Learn more about NDB's SOC 2 expertise and the complimentary SOC 2 Policy Packets we provide to our clients.

 SOC 2 Assessments and Compliance Services | Fixed Fees


If you’re looking for Southern California HIPAA & HITECH consultants, auditors and compliance experts, then call NDB today and speak to senior cyber security expert and HIPAA healthcare specialist Charles Denyer at 1-800-277-5415, ext. 705, or contact him by email. If you’re a Covered Entity (CE) or Business Associate (BA) in need of comprehensive HIPAA services, ranging from policies and procedures to expert advice, then call the proven and trusted healthcare experts at NDB. With years of real-world, hands-on experience working with HIPAA, the experienced consultants at NDB can help your business every step of the way in becoming compliant with North America’s most well-known healthcare compliance mandate. Learn more about NDB's HIPAA expertise and the complimentary HIPAA Policy Packets we provide to our clients.

The Health Insurance Portability and Accountability Act, originally signed into law in 1996, has undergone numerous changes, enhancements, and modifications, ultimately attempting – and successfully so – to keep up with changing times. It means that the HIPAA Security Rule and Privacy Rule mandates now have serious regulatory compliance teeth, so it’s time for Southern California businesses to get serious, once and for all. The Final Omnibus Ruling of 2013 effectively changed the game for HIPAA, increasing enforcement in a number of ways by broadening the compliance mandates for Business Associates and placing a larger emphasis on what constitutes a “breach”, along with other important matters. Successfully complying with HIPAA begins by having a sound understanding of the regulation, then putting in place all required policies, procedures, and processes.

Businesses working in the healthcare industry are generally identified as either a Covered Entity (CE) or a Business Associate (BA) in the eyes of HIPAA, which ultimately means large and ever-looming regulatory compliance mandates must be met. Again, HIPAA compliance is all about highly formalized and documented policies, procedures, and processes. Get the help you need from the Southern California HIPAA & HITECH consultants, auditors and compliance experts at NDB by calling Charles Denyer at 1-800-277-5415, ext. 705, or emailing him. Learn more about NDB's HIPAA expertise and the complimentary HIPAA Policy Packets we provide to our clients.

HIPAA Compliance Services


NDB offers comprehensive FISMA compliance and consulting services for entities working with federal agencies that are mandated to put in place a highly formalized information security framework. Signed into law in 2002, FISMA sought to bring about much needed transparency and clarity regarding federal agencies and their respective information systems security framework, ultimately requiring governmental agencies to adopt formalized information security policies, procedures, and practices. It’s a step in the right direction, yet one that’s incredibly time-consuming, operationally challenging, and financially taxing. The basis for FISMA compliance is the numerous NIST SP-800 publications, specifically NIST SP 800-53, which has essentially become the core framework for FISMA compliant information security systems. It means developing an exhaustive amount of security documentation, much of it revolving around well-written information security policies and procedures, with which NDB can assist.

FISMA & NIST Regulatory Compliance Experts | Call NDB
Who has time to spend hundreds of hours authoring laborious information security policies and procedures, especially when there’s a firm with a proven track record of developing them almost longer than any other company in North America? That firm is NDB. Speak with Charles Denyer, NDB’s senior cyber security expert, by calling him directly at 1-800-277-5415, ext. 705, or emailing him. Regulatory compliance for FISMA will continue to expand for businesses providing critical services to federal agencies, so now’s the time to get serious about compliance by calling NDB and Charles Denyer at 1-800-277-5415, ext. 705.

Security Policies are Essential for FISMA Compliance | We Have Them
One of the signature products we offer is a comprehensive set of industry leading, information security policies and procedures - over 195 templates consisting of approximately 2,000 pages of content. It’s a must-have set of material for any organization that’s serious about regulatory compliance, specifically that of FISMA. From essential access control documents, to highly in-depth provisioning checklists, we have an information security packet to meet all your FISMA compliance needs, along with any other regulatory mandate. Call and speak with Charles Denyer, NDB’s senior cyber security expert, by calling him directly at 1-800-277-5415, ext. 705.

 


PCI-QSA assessments for Tennessee merchants & service providers, particularly for businesses located in Nashville and Knoxville, are available from NDB Advisory, one of the Southeast’s premier providers of regulatory compliance audits. Former UT grad and current PCI-QSA Charles Denyer offers comprehensive PCI DSS reporting and auditing for today’s growing Tennessee businesses. Compliance with the Payment Card Industry Data Security Standards (PCI DSS) is spreading rapidly for any business that stores, processes, and/or transmits cardholder data.  Learn more about NDB's PCI DSS expertise and the complimentary PCI Policy Packets we provide to our clients.

This ultimately means that many Tennessee merchants and service providers will have to spend considerable time putting in place all necessary policies, procedures, and processes for PCI. It’s why businesses all throughout the Southeast trust the PCI services of NDB Advisory and the reputable skills of senior cyber security specialist and PCI-QSA Charles Denyer.

Notable PCI DSS services for Tennessee businesses include the following:

• PCI DSS Readiness Assessments and Gap Analysis procedures.
• Level 1 Onsite Assessments as mandated for merchants and service providers meeting and exceeding stated transaction thresholds for compliance.
• Information security policy and procedure writing.
• Penetration testing and vulnerability assessments.
• Assistance in filing all administrative documents for helping ensure proper PCI DSS compliance and validation.

From manufacturing firms to large grocery chains – any business in Tennessee that stores, processes, and/or transmits cardholder data must become compliant with the Payment Card Industry Data Security Standards (PCI DSS) mandates. Call PCI-QSA Charles Denyer today at 1-800-277-5415, ext. 705, or email him to learn more. PCI is here to stay, so now’s the time to get serious about being compliant. Learn more about NDB's PCI DSS expertise and the complimentary PCI Policy Packets we provide to our clients.

PCI DSS Assessments and Compliance Services | Fixed Fees

 


Trust NDB as a leading provider of South Carolina PCI DSS QSA services consisting of onsite assessments and auditors for all businesses throughout the state of South Carolina. Merchants and service providers storing, processing, and/or transmitting cardholder data must become compliant with the PCI DSS mandates, which means calling in the experts from NDB under the direction of senior cyber security specialist and current PCI-QSA Charles Denyer. Call Charles directly at 1-800-277-5415, ext. 705, or email him to discuss your PCI DSS reporting needs. Learn more about NDB's PCI DSS expertise and the complimentary PCI Policy Packets we provide to our clients.

The Payment Card Industry Data Security Standards are posing great challenges for many merchants and service providers in South Carolina – and understandably so – as compliance can often be expensive, time-consuming, and very laborious. What’s needed are expert auditing and consulting services for PCI, and that’s available today from NDB Advisory, so call PCI-QSA Charles Denyer at 1-800-277-5415, ext. 705.

NDB’s PCI DSS Services for South Carolina merchants and service providers consist of the following:

• PCI DSS readiness assessments and gap analysis findings.
• Level 1 Onsite Reporting as required by a Payment Card Industry Qualified Security Assessor (PCI-QSA).
• Network layer and application layer penetration testing, along with internal and external vulnerability scanning.
• Technical and operational remediation of all areas with the Payment Card Industry Data Security Standards requirements.
• Active assistance with completing and filing all applicable administrative documentation for PCI DSS compliance.
• Ongoing consultative engagements for ensuring organizations stay compliant with PCI DSS.

Compliance with the Payment Card Industry Data Security Standards (PCI DSS) begins by calling the South Carolina PCI experts today at NDB Advisory. Call and speak with PCI-QSA Charles Denyer at 1-800-277-5415, ext. 705, or contact him by email. If you’re looking for cost-effective, high-quality, and comprehensive PCI DSS services, then look no further than NDB Advisory. Learn more about NDB's PCI DSS expertise and the complimentary PCI Policy Packets we provide to our clients.

 PCI DSS Assessments and Compliance Services | Fixed Fees


EI3PA compliance, certification, and assessment services are provided by NDB Accountants & Consultants under the direction of senior cyber security specialist and PCI-QSA Charles Denyer. Contact Charles today at 1-800-277-5415, ext. 705, or via email to learn more about EI3PA compliance.

Experian’s EI3PA compliance and certification is targeted towards almost any organization that stores, processes and/or transmits confidential data provided by Experian themselves. Generally speaking, Experian provides highly sensitive and confidential information, often known as Personally Identifiable Information (PII), and then mandates it be protected in accordance with the Payment Card Industry Data Security Standards (PCI DSS) mandates. From Requirement 1 to Requirement 12, the mandates in place for PCI DSS compliance effectively apply to Experian data, hence the reason Experian themselves has adopted this framework for information security.  Learn more about NDB's EI3PA expertise and the complimentary EI3PA Policy Packets we provide to our clients.

Again, because the framework for EI3PA is essentially identical to that of the Payment Card Industry Data Security Standards (PCI DSS) mandates, it also means that information security and operational specific policies and procedures need to be in place, which NDB Advisory offers as part of each EI3PA engagement. Call Charles today at 1-800-277-5415, ext. 705, or via email to learn more about EI3PA compliance.

Much like the PCI DSS standards for cardholder data, EI3PA compliance will continue to grow in the coming years as more and more organizations store, process, and/or transmit highly sensitive and confidential customer information for Experian. EI3PA compliance, just like the Payment Card Industry Data Security Standards (PCI DSS), is largely about documented and highly formalized policies, procedures, and processes, with which NDB can assist every step of the way. Call Charles today at 1-800-277-5415, ext. 705, or via email to learn more about EI3PA compliance. Learn more about NDB's EI3PA expertise and the complimentary EI3PA Policy Packets we provide to our clients.

 EI3PA Compliance and Certification Services


The US – EU Safe Harbor initiatives consist of various mandated provisions to which non-EU businesses are to adhere regarding the protection, safety, and privacy of individual information for EU residents. While both the United States and the European Union share a common interest and collaborative effort in protecting data, the EU also puts forth enhanced stipulations for any non-EU entity storing such information, ultimately requiring detailed and formalized policies, procedures, and best practices to be in place. Specifically, U.S. organizations are to comply with the following 7 safe harbor principles:

  1. Notice: Organizations are to notify individuals about the purposes for which they collect and use information about them.
  2. Choice: Organizations are to give individuals the opportunity to choose (opt out) whether their personal information will be disclosed to a third party or used for a purpose incompatible with the purpose for which it was originally collected or subsequently authorized by the individual.
  3. Onward Transfer: To disclose information to a third party, organizations are to apply the notice and choice principles.
  4. Access: Individuals are to have access to personal information about them that an organization holds and be able to correct, amend, or delete that information where it is inaccurate, with some noted exceptions.
  5. Security: Organizations are to always take reasonable precautions to protect personal information from loss, misuse and unauthorized access, disclosure, alteration and destruction.
  6. Data Integrity: Personal information must always be relevant for the purposes for which it is to be used.
  7. Enforcement: Sanctions must be sufficiently rigorous to ensure compliance by the organization.

Contact the US – EU Safe Harbor consulting and compliance experts today at NDB Accountants & Consultants. For more information, please contact Chris Nickell, CPA, via email or call him directly at 1-800-277-5415, ext. 706. If your business is involved in storing and transmitting sensitive and privileged EU customer data, now’s the time to act and get compliant – we can help.

Please keep in mind that US – EU Safe Harbor compliance is highly dependent upon having documented policies and procedures in place, which NDB provides with every engagement. Call today to discuss your US – EU Safe Harbor compliance needs.

 


In need of a proven HIPAA, HITECH consultant, somebody with years of experience working with the Health Insurance Portability and Accountability Act (HIPAA), along with many other healthcare provisions and mandates? Then call Charles Denyer today at 214-298-8532 to discuss your HIPAA and healthcare regulatory compliance needs. The Final Omnibus ruling of January, 2013 has given HIPAA serious regulatory compliance enforcement, all the more reason to put in place all required HIPAA compliance mandates. From the HIPAA Security and Privacy Rule mandates to CMS | Meaningful Use, and the various “stages” involved, it’s all about putting in place comprehensive healthcare policies, procedures, and other supporting documents.  Learn more about NDB's HIPAA expertise and the complimentary HIPAA Policy Packets we provide to our clients.

With heavy fines and penalties looming for covered entities and business associates that are not compliant with HIPAA, now’s the time to get serious about the ever growing healthcare regulatory mandates. Call Charles Denyer today at 214-298-8532 to discuss your HIPAA needs and how NDB Advisory can help. From policy writing to specific implementation of various controls, Charles and his staff can get you HIPAA compliant. From a scope perspective, compliance with HIPAA means putting in place approximately 60 + different information security, operational, and business specific policies, procedures, and other supporting documentation.  Learn more about NDB's HIPAA expertise and the complimentary HIPAA Policy Packets we provide to our clients.

Additionally, compliance with HIPAA also calls for the all-important security awareness and workforce member training to be undertaken on an annual basis. NDB’s expert HIPAA services include all necessary HIPAA policy documentation, along with a comprehensive and easy-to-customize HIPAA security awareness program, complete with a PowerPoint (PPT) presentation, training manual, and much more. The time is now for becoming compliant with HIPAA, so call Charles Denyer today at 214-298-8532 or email him.

 HIPAA Compliance Services


Call the Dallas, TX data center auditors today for fixed fee pricing for PCI DSS compliance, along with SOC 1 SSAE 16, SOC 2, HIPAA, and any other of the alphabet soup regulatory compliance mandates. Data centers now stand front and center in the world of regulatory compliance, often having to spend considerable resources in regards to the ever-growing list of industry mandates and federal legislative edicts. The solution is finding a well-qualified, highly-experienced CPA and consulting firm capable of providing competitive fixed fees for such mandates, and that’s NDB.  Learn more about NDB's complimentary SOC 1 Policy Packet and SOC 2 Policy Packets. It truly makes a big difference in helping you save thousands of dollars on SOC compliance.

With years of working in the DFW area and providing numerous compliance solutions, NDB has the experience, skill sets, and audit know-how to get you through today’s most demanding and challenging compliance mandates. Additionally, NDB can also combine many of today’s regulatory compliance mandates into an efficient, scalable, and cost-effective process. Call and speak with regulatory compliance specialist Charles Denyer of NDB at 214-298-8532, or email him today.

NDB’s Dallas, TX data center audit services consist of the following:

  • PCI DSS
  • HIPAA | HITECH | CMS
  • SOC 1 SSAE 16
  • SOC 2 AT 101
  • SOC 3 Trust Services Principles

There’s simply no reason to pay multiple audit firms separate fees for the above listed regulatory compliance assessments. Additionally, there’s also really no reason to waste hundreds of operational man-hours in stopping and starting audits each and every year, collecting the same audit evidence over and over. Work with a proven and trusted firm with years of data center auditing and compliance expertise, and that’s NDB. With a strong footprint in the Lone Star State – especially in Big D – we can get you compliant in a comprehensive and cost-effective manner. Call and speak with Charles Denyer at 214-298-8532, or email him today.

 


Call the Atlanta, GA data center auditors today for all your regulatory compliance needs, such as SSAE 16 SOC 1 assessments, SOC 2 and SOC 3 reporting, along with PCI DSS and HIPAA compliance. With years of compliance experience, the trusted experts at NDB can provide your organization with a high-quality, competitively priced, fixed fee. Additionally, as with most regulatory compliance initiatives, information security policies and procedures are a big requirement, for which NDB has literally hundreds of industry leading templates that have been developed over the years.  Learn more about NDB's data center expertise and the complimentary SOC 2 Policy Packets, along with our complimentary PCI DSS Policy Packets and also SOC 1 Policy Packets we provide to our clients for each engagement. It truly makes a difference for each audit!

Stop and think about all the growing regulatory compliance mandates facing Atlanta data centers – PCI DSS compliance, HIPAA, SOC 1 SSAE 16, SOC 2, and these are just the well-known industry and regulatory initiatives. It’s thus important to find a firm that provides audit efficiencies – more specifically – combining multiple audits and assessments for a comprehensive, scalable, and incredibly cost-effective process. It’s what NDB does, and we can do it for your organization also. Just call Chris Nickell, CPA, today at 404-483-8485, or email him to learn more.

Regulatory compliance mandates for Atlanta data centers, managed services providers – and all other companies within the technology space – will continue to grow and expand aggressively, forcing businesses to spend considerable operational and financial resources. There has to be a better and more efficient way for streamlining costs, yet still maintaining high-quality audit standards – and there is – it starts by calling the experts today at NDB for all your regulatory compliance needs, such as SSAE 16 SOC 1 assessments, SOC 2 and SOC 3 reporting, along with PCI DSS and HIPAA compliance. Call Chris Nickell, CPA, today at 404-483-8485, or email him to learn more.

 


HIPAA security audits are essential for ensuring business associates and covered entities are in compliance with numerous provisions from the Health Insurance Portability and Accountability Act. With the pronouncement of the Final Omnibus Ruling in January, 2013, HIPAA has gained some serious regulatory compliance enforcement, which means putting in place comprehensive operational and information security policies, procedures, and related processes. The Department of Health and Human Services (HHS) is also expanding their HIPAA enforcement initiatives in a number of ways, including actual inspections and audits for business associates and covered entities. It means that now’s the time to get serious about putting in place much needed HIPAA mandates for ultimately ensuring the confidentiality, integrity, and availability (CIA) of Protected Health Information (PHI), and any subset information thereof.  Learn more about NDB's HIPAA expertise and the complimentary HIPAA Policy Packets we provide to our clients.

Most organizations, specifically business associates and covered entities, would greatly benefit from putting in place the minimum security standards in accordance with 164.308, 164.310, and 164.312. These three (3) safeguards are what’s often required as baseline validation of minimum acceptable controls in place for general HIPAA compliance. It means, as with all other areas within HIPAA, developing documented policies, procedures, and processes, with which the experts at NDB can assist under the guidance of expert HIPAA specialist Charles Denyer (1-800-277-5415, ext. 705, or via email).

Along with HIPAA expertise, Charles and his staff also provide CMS healthcare consulting services, such as that of “Meaningful Use | Stage 1 & 2”, comprehensive healthcare security awareness and employee workforce training, and much more. HIPAA and the numerous other supporting healthcare initiatives are serious about ensuring the safety and security of PHI and other related medical records – call the experts at NDB today. NDB also offers SOC 1, SOC 2, SOC 3, PCI DSS, FISMA, ISO and numerous other regulatory compliance solutions for businesses.  Learn more about NDB's HIPAA expertise and the complimentary HIPAA Policy Packets we provide to our clients.

HIPAA Compliance Services

 


PCI data center requirements is a hot topic these days and for good reason as more and more data centers are being challenged with ever-growing regulatory compliance mandates, PCI being one of the biggest, along with SOC 1 SSAE 16 and SOC 2 reporting. It’s therefore important to gain a comprehensive understanding of PCI data center requirements in today’s complex and ever-changing compliance world. The following points are considered critical in assessing and better understanding an actual data center’s responsibility in accordance with the Payment Card Industry Data Security Standards (PCI DSS).  Learn more about NDB's PCI DSS expertise and the complimentary PCI Policy Packets we provide to our clients.

Services Offered
There’s a direct correlation to the services offered by a data center and the type of PCI compliance that’s technically required. Simply stated, from offering traditional co-location services (i.e., “ping, power, and pipe”) to fully managed services, such as managed O/S and managed applications, data centers have a number of options for PCI compliance. It’s thus important to align one’s service delivery models with the applicable PCI reporting requirements. Traditional data center delivery services offering only co-location should seek to conduct their own annual PCI Self-Assessment compliance via SAQ D, focusing primarily on Requirements 9 and 12, and possibly other supporting requirements, such as Req. 7 and 8.

Additionally, co-location facilities should look to assist customers who are housed in their facility with their own PCI requirements by facilitating testing and compliance documentation for Requirements 9 and 12. Keep in mind that data centers offering traditional co-location services should not be striving for an actual Level 1 onsite assessment by a Payment Card Industry Qualified Security Assessor (PCI-QSA), unless they are offering true managed services or a customer is adamantly demanding such certification. And even if that’s the case with customer demands, a thoughtful and intelligent conversation with such prospects or current clientele should be undertaken for properly educating them on the true merits of PCI DSS compliance.  Learn more about NDB's PCI DSS expertise and the complimentary PCI Policy Packets we provide to our clients.

Managed Services
What changes the scope for data center compliance for PCI is that of managed services – more specifically – offering management of network devices, operating systems, and managed applications. Data centers then actually begin functioning as the client by performing numerous functions, all of which are included within the twelve (12) PCI DSS requirements from the Payment Card Industry Data Security Standards (PCI DSS). Compliance with PCI DSS for data centers is continuing to grow – and evolve – all the more reason for finding a highly qualified, capable PCI-QSA, one with years of experience. Call and speak directly today with one of North America’s longest licensed Payment Card Industry Qualified Security Assessors (PCI-QSA), Charles Denyer of NDB Advisory (1-800-277-5415, ext. 705, or via email) to learn more about PCI data center requirements for compliance.

NDB also offers comprehensive SOC 1 SSAE 16, SOC 2, and SOC 3 reporting, along with in-depth HIPAA, NIST, FISMA, ISO, FFIEC, FERC, and NERC compliance, and more. Call the experts today to learn more.

PCI DSS Assessments and Compliance Services | Fixed Fees


Call NDB today for South Florida HIPAA and HITECH compliance, auditing, and consulting services. The proven and trusted healthcare experts at NDB offer a wide variety of HIPAA and HITECH solutions, such as policy and procedure writing, strategy and implementation consulting and much more. Today’s ever-expanding and growing healthcare mandates are putting enormous challenges on business associates and covered entities, with much of it being directed by HIPAA and the Final Omnibus Ruling of January, 2013. What South Florida businesses need are proven and trusted HIPAA experts, and that’s what NDB offers.  Learn more about NDB's HIPAA expertise and the complimentary HIPAA Policy Packets we provide to our clients.

One of the biggest and often most challenging aspects of HIPAA compliance is the development of operational, business specific, and information security policies and procedures. When looking at the HIPAA Security and Privacy Rules, along with the enhanced breach notification rules, it’s a laundry list of comprehensive documentation that needs to be in place. NDB’s South Florida HIPAA and HITECH compliance, auditing, and consulting services specialize in developing high-quality healthcare specific policies and procedures, as we’ve painstakingly constructed our own set of customized templates. NDB’s South Florida HIPAA and HITECH compliance, auditing, and consulting services also include implementation of all necessary procedures and practices for truly ensuring compliance with HIPAA.  Learn more about NDB's HIPAA expertise and the complimentary HIPAA Policy Packets we provide to our clients.

NDB, along with offering comprehensive, high-quality, and cost-effective South Florida HIPAA and HITECH compliance, auditing, and consulting services, also provides businesses with the following regulatory compliance services:

• SSAE 16 SOC 1 Reporting.
• AT 101 SOC 2 Reporting.
• SOC 3 SysTrust | WebTrust Reporting.
• Payment Card Industry Data Security Standards (PCI DSS) Assessments.
• FISMA, NIST, FFIEC Compliance.
• Information Security Policy and Procedure Writing
• Outsourced Internal Audit Services

Call and speak directly with HIPAA specialist Charles Denyer at 1-800-277-5415, ext. 705, or email him regarding NDB’s South Florida HIPAA and HITECH compliance, auditing, and consulting services.

HIPAA Compliance Services


PCI DSS compliance, SOC reporting, and HIPAA | HITECH compliance - call them the “gang of three” - they’re the most notable and well-known regulatory compliance laws, legislation and industry specific mandates affecting businesses today. What’s also interesting to note is that a large number of companies often undertake any two of the three (sometimes all three) compliance initiatives, creating auditing nightmares and skyrocketing costs. Your solution - creating audit efficiencies by combining many of the deliverables needed for PCI DSS compliance, SOC reporting, and HIPAA | HITECH compliance into one fully comprehensive assessment. By using the services of a well-qualified, highly-experienced firm - such as NDB Accountants & Consultants - organizations can reduce costs, save time, yet still meet strict compliance mandates.  Learn more about NDB's compliance expertise and the complimentary SOC 2 Policy Packets, along with our complimentary PCI DSS Policy Packets and also SOC 1 Policy Packets we provide to our clients for each engagement. It truly makes a difference for each audit!

Look at some of the main areas for all three (3) of these compliance initiatives - user access, network security, operational policies and procedures - it’s an endless list of overlapping controls and various mandates for information security specific documentation. For example, when conducting assessment and evidence collection for Requirements 7 and 8 for PCI regarding access rights, it just makes sense to look at similar requirements under HIPAA Subpart C (Privacy and Security), along with SOC 1 and/or SOC 2 reporting for access rights. There’s no reason to “reinvent the wheel” or spend unneeded hours conducting stand-alone audits and assessments for each of the “gang of three” - it’s all about efficiency, and that’s exactly what NDB provides with talented and well-skilled auditors.

For many years, we’ve been advocating to our clients – and to the business community as a whole – to implement audit efficiencies that ultimately save thousands of dollars and hundreds of precious operational man-hours. It works for our clients and it can work for you. Call and speak with Christopher Nickell, CPA, at 1-800-277-5415, ext. 706 or email him to learn more. Saving time and money – especially when it comes to growing regulatory compliance mandates – is a must for today’s growth oriented and cost-conscious businesses. NDB Accountants & Consultants are proven and trusted PCI DSS compliance, SOC reporting, and HIPAA | HITECH compliance auditors and assessors.

 

From I.T. consultants to seasoned regulatory compliance auditors, our firm's wide expertise is diverse, cross-functional, and highly experienced in all our service lines.
