Loading...
Answers
MenuWe need to certify our start up with the best , most advanced healthcare information security vendors. Any ideas of the best start ups or ways to go?
We are not in USA so HIPAAA is not something we need to do. High security in our website and servers is a key advantage to our overall selling proposition and branding communication .
Answers
There are many security standards you can "certify" your datacenter with, such as NIST or ISO. You can read more about them here: http://en.wikipedia.org/wiki/Cyber_security_standards
In addition there are some SSL and Antivirus vendors who provide "security badges" that can be embedded to your website and prove that your DNS domain and SSL certificate are valid.
Having said that, If you are serious about security and want to leverage that as a competitive advantage you would probably have to implement deep security measures.
You could then publish these measures in a whitepaper that can be shared with your clients.
You can refer to what Amazon have published regarding their AWS product: https://media.amazonwebservices.com/pdf/AWS_Security_Whitepaper.pdf
Guy
If you are in the service provider space, I would suggest that you undergo a SSAE16, SOC2 audit. Refer to the following link for details: https://www.ssae-16.com/soc-2/
Hi I have over 20 years experience in securing networks and devices with confidential healthcare data. Also, I am multi-certified and I am a Healthcare Certified Information Security Practitioner(HCISSP).
Even if HIPAA is not something you need to do, your first step is to identify a industry standard security framework such as the ISO27000. The framework will provide you with guidance and Best Practices on how you should be securing your environment. The ISO Standards are globally recognized as a strong foundation for security and should be a consideration to follow if you are interested in processing, transmitting or storing healthcare information.
I would be interested in hearing about your strategy and understanding your requirements based on your business needs. This will enable me to recommend the best path for you to go to appropriately secure your environment. I would be happy to have a conversation with you to do this and offer my professional guidance.
Best Regards, Steven
Related Questions
-
How secure is Clarify.fm with content and recordings?
If you feel that Clarity isn’t secure enough for your needs, you’re welcome to use another platform. Also, if you have something that’s extremely private, your welcome to use another platform. Clarity is a great platform with great customer support. I’ve needed them numerous times and they’ve always been super responsive and helpful. I only wish they promoted the platform even more. Good luckAssaf Ben-DavidAB
-
What would cause messages from my new email address to go to some recipients junk folder? It's a new domain name. Anything I can do on my end?
I have a tremendous amount of experience sending emails from new domains - perhaps 2,000,000 emails per year - and the long and short of it is this: email deliverability is tremendously complex. Why? For one thing, because of the constant battle between spammers, ISPs, ESPs and other players, among other things. Also, because email still uses some very old and outdated protocols that make this all more difficult. If your business is going to rely heavily on email, I would encourage to educate yourself now so that you won't be stymied as you grow. Many of the things I learned were through trial and error - which can be excruciatingly frustrating. Just a few of the things you should immediately begin working on: proper SPF, SenderID, DKIM compliance along with solid DNS set up. Additionally, if you will use email heavily, I would start now putting the pieces in place for later white labeling aa nd possible dedicated IP sending. In terms of the actual email content itself, that is another subject you will want to investigate. I'm not saying these things to discourage you - but rather to help you avoid the mistakes we made in the past. If you need a hand getting a little grip on this I probably can steer you in the right direction pretty quickly. Wish you the best in your endeavor! AdamAdam Bowie ✔AB
-
I have the ability to build Identity Access Mgmt. Where can I hire someone to backup my projects?
Can you give more detail about what you mean by backup your projects? This question is super vague... I can tell you about backup software, and backup systems if you are just looking to backup your work so you don't lose it in a disaster. I just am not sure that is what you mean seeing as you seem to want to share income with whomever helps you on this.Christopher Angulo-BertramCA
-
How can I integrate SSL on my website?
It looks like you can do this with Cloudflare so if I were you I would email them to ask. See this article here: https://www.cloudflare.com/ssl If that doesn't work I would contact your web host. Your web host will be able to provide a solution for you that will be simple and easy.Jeremiah PrummerJP
-
Which level of DoS protection is best to start off with for a startup building a social network from the ground up?
Denial of Service protection is a key component of your perimeter defense along with your firewall, intrusion detection/prevention and continuous monitoring. There are several managed service providers that you can choose from. The first vendor you should contact is your Internet Service Provider (ISP), they may have DoS services available as a component of your contract or they will have DoS providers they partner with. Once you have identified the services your provider offers or the DoS protection partners they have you can evaluate which is best for you. If you have more questions on this or other security, data protection or regulatory requirements, PCI may be important for you, feel free to let me know. Best of luck in your venture! -StevenSteven ParkerSP
the startups.com platform
Copyright © 2025 Startups.com. All rights reserved.
