A-LIGN Insights: May 2021

In this issue we discuss how to prepare for state privacy laws, outline the do’s and don’ts of getting started with HITRUST, the benefits of adding ISO 27701 to ISO 27001 and more.

Featured Content

How to Announce Your Cybersecurity Assessment with a Press Release

We all know a cybersecurity assessment tells your customers, prospects, and business partners that you take cybersecurity seriously. But did you know there are ways to promote your security assessments without revealing all your company secrets?

Here are a few recommendations:

  • Announce it in a press release
  • Share your approach to security to the extent you feel comfortable and relate it to your customers and business partners
  • Include some of the best practices you follow (encryption, penetration testing, etc.)
  • Guide your visitors through the process of requesting a report
  • Feature your auditor- their credibility will translate to your customers

Looking for more ideas? Click here to view examples featured in the full article by our SVP of Marketing, Brian Gladstein.

How to Prepare for the Coming Patchwork of State Privacy Laws

State privacy laws are coming. IT teams need to know how these new laws apply to their organization if they are handling sensitive information. Let’s start with a set of basic actions to help simplify Privacy legislation:

1. Deliver  Disclosures  Through a  Privacy Policy

  • What data is collected
  • How data is collected
  • For what purpose is the data used
  • With whom the data is shared
  • Disclosures to third parties
  • Data Subject Rights

2. Provide for  Data Subject  Rights  Related to the  Processing of Personal Data

  • The Right to Access
  • The Right to Modify
  • The Right to Delete
  • The Right to the Restriction of Processing

3. Generate a Data Map to Know Your Obligations

A  Data Map involves a combination of automated and manual processes, such as scanning software and interviews with department leaders.

Looking to learn more? Check out the full article!


Events

2021 Compliance Benchmark ReportWebinar: 2021 Compliance Benchmark Report: Where Do You Stand?

A-LIGN’s first annual Compliance Benchmark Report provides a comprehensive review of the challenges and opportunities faced by security and compliance professionals throughout 2021. Join Patrick Sullivan, Director of Customer Success at A-LIGN, for a review of the report results and compliance best practices.
Register Now

 

Tony Bai

WebinarTony’s Take: Monthly CMMC Updates & Federal Compliance News on Thursday, June 3rd | 2 PM ET

Join Tony Bai, A-LIGN’s Federal Practice Lead, each month for the latest news on Federal Compliance, including CMMC updates and a live Q&A. 
Register Now

 

 


A-SCEND Tip of the Month 

Did you know that you have many options for Two-Factor Authentication when using
A-SCEND? While we recommend Google Authenticator, you can use any brand name TFA application including AuthyDuoTwilio, and Lastpass MFA, just to name a few.


A-LIGN Team Spotlight 

Blaise Wabo

Meet Blaise Wabo
CPA, CISA, CCSK, HITRUST, Associate Director

“The COVID-19 pandemic has proven that Security and Privacy Compliance is more than just a check-the-box activity. With a surge in telemedicine also came a surge in data breaches. Hospital CEOs, Presidents and Medical Directors are calculating the risk of an attack and seriously implementing a top-down governance approach to mitigate threats to their operations.”
​​​​​​Learn More