Loading...
Answers
MenuWe need to certify our start up with the best , most advanced healthcare information security vendors. Any ideas of the best start ups or ways to go?
We are not in USA so HIPAAA is not something we need to do. High security in our website and servers is a key advantage to our overall selling proposition and branding communication .
Answers
There are many security standards you can "certify" your datacenter with, such as NIST or ISO. You can read more about them here: http://en.wikipedia.org/wiki/Cyber_security_standards
In addition there are some SSL and Antivirus vendors who provide "security badges" that can be embedded to your website and prove that your DNS domain and SSL certificate are valid.
Having said that, If you are serious about security and want to leverage that as a competitive advantage you would probably have to implement deep security measures.
You could then publish these measures in a whitepaper that can be shared with your clients.
You can refer to what Amazon have published regarding their AWS product: https://media.amazonwebservices.com/pdf/AWS_Security_Whitepaper.pdf
Guy
If you are in the service provider space, I would suggest that you undergo a SSAE16, SOC2 audit. Refer to the following link for details: https://www.ssae-16.com/soc-2/
Hi I have over 20 years experience in securing networks and devices with confidential healthcare data. Also, I am multi-certified and I am a Healthcare Certified Information Security Practitioner(HCISSP).
Even if HIPAA is not something you need to do, your first step is to identify a industry standard security framework such as the ISO27000. The framework will provide you with guidance and Best Practices on how you should be securing your environment. The ISO Standards are globally recognized as a strong foundation for security and should be a consideration to follow if you are interested in processing, transmitting or storing healthcare information.
I would be interested in hearing about your strategy and understanding your requirements based on your business needs. This will enable me to recommend the best path for you to go to appropriately secure your environment. I would be happy to have a conversation with you to do this and offer my professional guidance.
Best Regards, Steven
Related Questions
-
How secure is Clarify.fm with content and recordings?
If you feel that Clarity isn’t secure enough for your needs, you’re welcome to use another platform. Also, if you have something that’s extremely private, your welcome to use another platform. Clarity is a great platform with great customer support. I’ve needed them numerous times and they’ve always been super responsive and helpful. I only wish they promoted the platform even more. Good luckAssaf Ben-DavidAB
-
I have the ability to build Identity Access Mgmt. Where can I hire someone to backup my projects?
Can you give more detail about what you mean by backup your projects? This question is super vague... I can tell you about backup software, and backup systems if you are just looking to backup your work so you don't lose it in a disaster. I just am not sure that is what you mean seeing as you seem to want to share income with whomever helps you on this.Christopher Angulo-BertramCA
-
Has anyone in the gaming industry used Google reCAPTCHA Enterprise?
While I don't have access to real-time data, as of my last update in September 2021, it is likely that some companies in the gaming industry have utilized Google reCAPTCHA Enterprise. Google reCAPTCHA is a widely adopted technology that provides a security measure to prevent automated bots and spam. The gaming industry, like many others, faces challenges related to bot attacks, fraudulent activities, and user verification. By implementing reCAPTCHA Enterprise, gaming companies can enhance the security of their platforms, protect user accounts, and prevent unauthorized access. The system's advanced risk analysis algorithms and machine learning capabilities help differentiate between human users and automated bots, ensuring a smooth and secure user experience. However, it's important to note that the specific adoption of Google reCAPTCHA Enterprise by gaming companies may vary. Factors such as the size of the company, the nature of their gaming platforms (e.g., online multiplayer games, mobile apps, or gaming websites), and their individual security requirements influence the technology choices they make. To gather the most accurate and up-to-date information on whether anyone in the gaming industry is currently using Google reCAPTCHA Enterprise, I recommend reaching out to industry experts, gaming companies, or conducting online research for recent news or case studies highlighting its implementation in the gaming sector.Jasper NaethbohmJN
-
Which level of DoS protection is best to start off with for a startup building a social network from the ground up?
Denial of Service protection is a key component of your perimeter defense along with your firewall, intrusion detection/prevention and continuous monitoring. There are several managed service providers that you can choose from. The first vendor you should contact is your Internet Service Provider (ISP), they may have DoS services available as a component of your contract or they will have DoS providers they partner with. Once you have identified the services your provider offers or the DoS protection partners they have you can evaluate which is best for you. If you have more questions on this or other security, data protection or regulatory requirements, PCI may be important for you, feel free to let me know. Best of luck in your venture! -StevenSteven ParkerSP
-
Which CDN would you recommend for bot detection?
Distil Networks is more like a CDN (Content Delivery Network), so every traffic to customers website should pass through Distil server. In other words you have to point your DNS to their CDN (that can potentially bring down your site). They keep analyzing your website through out and if the traffic is found malicious they block. As you asked about competitors, ShieldSquare as a potential alternative, offers following benefits over Distil: Non-intrusive API integration that will not affect your website performance and uptime. Zero False Positives that will ensure that your genuine users are never troubled. I can offer more direction if I know more about your environment. Best Regards, StevenSteven ParkerSP
the startups.com platform
Copyright © 2025 Startups.com. All rights reserved.
