Loading...
Answers
MenuWe need to certify our start up with the best , most advanced healthcare information security vendors. Any ideas of the best start ups or ways to go?
We are not in USA so HIPAAA is not something we need to do. High security in our website and servers is a key advantage to our overall selling proposition and branding communication .
Answers
There are many security standards you can "certify" your datacenter with, such as NIST or ISO. You can read more about them here: http://en.wikipedia.org/wiki/Cyber_security_standards
In addition there are some SSL and Antivirus vendors who provide "security badges" that can be embedded to your website and prove that your DNS domain and SSL certificate are valid.
Having said that, If you are serious about security and want to leverage that as a competitive advantage you would probably have to implement deep security measures.
You could then publish these measures in a whitepaper that can be shared with your clients.
You can refer to what Amazon have published regarding their AWS product: https://media.amazonwebservices.com/pdf/AWS_Security_Whitepaper.pdf
Guy
If you are in the service provider space, I would suggest that you undergo a SSAE16, SOC2 audit. Refer to the following link for details: https://www.ssae-16.com/soc-2/
Hi I have over 20 years experience in securing networks and devices with confidential healthcare data. Also, I am multi-certified and I am a Healthcare Certified Information Security Practitioner(HCISSP).
Even if HIPAA is not something you need to do, your first step is to identify a industry standard security framework such as the ISO27000. The framework will provide you with guidance and Best Practices on how you should be securing your environment. The ISO Standards are globally recognized as a strong foundation for security and should be a consideration to follow if you are interested in processing, transmitting or storing healthcare information.
I would be interested in hearing about your strategy and understanding your requirements based on your business needs. This will enable me to recommend the best path for you to go to appropriately secure your environment. I would be happy to have a conversation with you to do this and offer my professional guidance.
Best Regards, Steven
Related Questions
-
Which CDN would you recommend for bot detection?
Distil Networks is more like a CDN (Content Delivery Network), so every traffic to customers website should pass through Distil server. In other words you have to point your DNS to their CDN (that can potentially bring down your site). They keep analyzing your website through out and if the traffic is found malicious they block. As you asked about competitors, ShieldSquare as a potential alternative, offers following benefits over Distil: Non-intrusive API integration that will not affect your website performance and uptime. Zero False Positives that will ensure that your genuine users are never troubled. I can offer more direction if I know more about your environment. Best Regards, StevenSteven ParkerSP
-
How secure is Clarify.fm with content and recordings?
If you feel that Clarity isn’t secure enough for your needs, you’re welcome to use another platform. Also, if you have something that’s extremely private, your welcome to use another platform. Clarity is a great platform with great customer support. I’ve needed them numerous times and they’ve always been super responsive and helpful. I only wish they promoted the platform even more. Good luckAssaf Ben-DavidAB
-
Which level of DoS protection is best to start off with for a startup building a social network from the ground up?
Denial of Service protection is a key component of your perimeter defense along with your firewall, intrusion detection/prevention and continuous monitoring. There are several managed service providers that you can choose from. The first vendor you should contact is your Internet Service Provider (ISP), they may have DoS services available as a component of your contract or they will have DoS providers they partner with. Once you have identified the services your provider offers or the DoS protection partners they have you can evaluate which is best for you. If you have more questions on this or other security, data protection or regulatory requirements, PCI may be important for you, feel free to let me know. Best of luck in your venture! -StevenSteven ParkerSP
-
How can I integrate SSL on my website?
It looks like you can do this with Cloudflare so if I were you I would email them to ask. See this article here: https://www.cloudflare.com/ssl If that doesn't work I would contact your web host. Your web host will be able to provide a solution for you that will be simple and easy.Jeremiah PrummerJP
-
I would like to hear if there are any complaints or dissatisfaction points from people who are using reCAPTCHA on a paid basis.
reCAPTCHA, developed by Google, is commonly used as a free service to protect websites from spam and abuse. While it's difficult to provide specific information about complaints or dissatisfaction points from individuals using reCAPTCHA on a paid basis (as it is primarily offered as a free service). 1. Cost-effectiveness: One potential point of dissatisfaction could be the perceived value of paying for a service that is available for free. If a paid version of reCAPTCHA were to be introduced, users might expect additional features or benefits to justify the cost. 2. Performance and accuracy: While reCAPTCHA is designed to be highly effective, it's not foolproof. Some users may experience difficulties or frustrations with the verification process. Issues can arise from misinterpretation of images, confusing challenges, or false positives/negatives, leading to extra time spent on completing forms or encountering access restrictions. 3. User experience: If reCAPTCHA is implemented in a way that negatively affects the user experience, such as causing delays or being intrusive, it could lead to dissatisfaction. Captchas that are excessively difficult, contain hard-to-read text, or require repeated attempts can frustrate users and impact their perception of the paid service. 4. Support and responsiveness: Paid users may have higher expectations regarding customer support and responsiveness to issues or inquiries. Dissatisfaction could arise if there is a lack of timely support or ineffective resolution of problems. 5. Alternatives and competition: Some users may be dissatisfied with reCAPTCHA's paid service if they find comparable or better alternatives at a lower cost or with more desirable features. Competition in the market can influence user satisfaction and their willingness to pay. It's important to note that the information provided above is based on general observations and hypothetical scenarios, as reCAPTCHA primarily operates as a free service. To obtain more accurate and up-to-date information about any specific complaints or dissatisfaction points from individuals using reCAPTCHA on a paid basis, it would be beneficial to research recent user reviews, forums, or contact Google directly for specific insights and support. I'm here to address any further questions you may have.Himanshu GoutamHG
the startups.com platform
Copyright © 2025 Startups.com. All rights reserved.
