HITRUST vs. ISO-27001 (or is it?)

The process of “realization” is an interesting one. My first thoughts on HITRUST tended towards the negative; “Why do we need another ISO-27001 derivative information security framework?” “Why not just get ISO-27001 certified?” “Is...

Mapping HIPAA to ISO 27002

Our Principal Enterprise Security Consultant, John Verry, said he needed to know how the HIPAA Security Rule compared to ISO 27002 in order to put together a proposal for a prospective client. You can see the result of my...