Loading...
Answers
MenuWe need to certify our start up with the best , most advanced healthcare information security vendors. Any ideas of the best start ups or ways to go?
We are not in USA so HIPAAA is not something we need to do. High security in our website and servers is a key advantage to our overall selling proposition and branding communication .
Answers
There are many security standards you can "certify" your datacenter with, such as NIST or ISO. You can read more about them here: http://en.wikipedia.org/wiki/Cyber_security_standards
In addition there are some SSL and Antivirus vendors who provide "security badges" that can be embedded to your website and prove that your DNS domain and SSL certificate are valid.
Having said that, If you are serious about security and want to leverage that as a competitive advantage you would probably have to implement deep security measures.
You could then publish these measures in a whitepaper that can be shared with your clients.
You can refer to what Amazon have published regarding their AWS product: https://media.amazonwebservices.com/pdf/AWS_Security_Whitepaper.pdf
Guy
If you are in the service provider space, I would suggest that you undergo a SSAE16, SOC2 audit. Refer to the following link for details: https://www.ssae-16.com/soc-2/
Hi I have over 20 years experience in securing networks and devices with confidential healthcare data. Also, I am multi-certified and I am a Healthcare Certified Information Security Practitioner(HCISSP).
Even if HIPAA is not something you need to do, your first step is to identify a industry standard security framework such as the ISO27000. The framework will provide you with guidance and Best Practices on how you should be securing your environment. The ISO Standards are globally recognized as a strong foundation for security and should be a consideration to follow if you are interested in processing, transmitting or storing healthcare information.
I would be interested in hearing about your strategy and understanding your requirements based on your business needs. This will enable me to recommend the best path for you to go to appropriately secure your environment. I would be happy to have a conversation with you to do this and offer my professional guidance.
Best Regards, Steven
Related Questions
-
How can I integrate SSL on my website?
It looks like you can do this with Cloudflare so if I were you I would email them to ask. See this article here: https://www.cloudflare.com/ssl If that doesn't work I would contact your web host. Your web host will be able to provide a solution for you that will be simple and easy.Jeremiah PrummerJP
-
What would cause messages from my new email address to go to some recipients junk folder? It's a new domain name. Anything I can do on my end?
I have a tremendous amount of experience sending emails from new domains - perhaps 2,000,000 emails per year - and the long and short of it is this: email deliverability is tremendously complex. Why? For one thing, because of the constant battle between spammers, ISPs, ESPs and other players, among other things. Also, because email still uses some very old and outdated protocols that make this all more difficult. If your business is going to rely heavily on email, I would encourage to educate yourself now so that you won't be stymied as you grow. Many of the things I learned were through trial and error - which can be excruciatingly frustrating. Just a few of the things you should immediately begin working on: proper SPF, SenderID, DKIM compliance along with solid DNS set up. Additionally, if you will use email heavily, I would start now putting the pieces in place for later white labeling aa nd possible dedicated IP sending. In terms of the actual email content itself, that is another subject you will want to investigate. I'm not saying these things to discourage you - but rather to help you avoid the mistakes we made in the past. If you need a hand getting a little grip on this I probably can steer you in the right direction pretty quickly. Wish you the best in your endeavor! AdamAdam Bowie ✔AB
-
I would like to hear if there are any complaints or dissatisfaction points from people who are using reCAPTCHA on a paid basis.
reCAPTCHA, developed by Google, is commonly used as a free service to protect websites from spam and abuse. While it's difficult to provide specific information about complaints or dissatisfaction points from individuals using reCAPTCHA on a paid basis (as it is primarily offered as a free service). 1. Cost-effectiveness: One potential point of dissatisfaction could be the perceived value of paying for a service that is available for free. If a paid version of reCAPTCHA were to be introduced, users might expect additional features or benefits to justify the cost. 2. Performance and accuracy: While reCAPTCHA is designed to be highly effective, it's not foolproof. Some users may experience difficulties or frustrations with the verification process. Issues can arise from misinterpretation of images, confusing challenges, or false positives/negatives, leading to extra time spent on completing forms or encountering access restrictions. 3. User experience: If reCAPTCHA is implemented in a way that negatively affects the user experience, such as causing delays or being intrusive, it could lead to dissatisfaction. Captchas that are excessively difficult, contain hard-to-read text, or require repeated attempts can frustrate users and impact their perception of the paid service. 4. Support and responsiveness: Paid users may have higher expectations regarding customer support and responsiveness to issues or inquiries. Dissatisfaction could arise if there is a lack of timely support or ineffective resolution of problems. 5. Alternatives and competition: Some users may be dissatisfied with reCAPTCHA's paid service if they find comparable or better alternatives at a lower cost or with more desirable features. Competition in the market can influence user satisfaction and their willingness to pay. It's important to note that the information provided above is based on general observations and hypothetical scenarios, as reCAPTCHA primarily operates as a free service. To obtain more accurate and up-to-date information about any specific complaints or dissatisfaction points from individuals using reCAPTCHA on a paid basis, it would be beneficial to research recent user reviews, forums, or contact Google directly for specific insights and support. I'm here to address any further questions you may have.Himanshu GoutamHG
-
Which CDN would you recommend for bot detection?
Distil Networks is more like a CDN (Content Delivery Network), so every traffic to customers website should pass through Distil server. In other words you have to point your DNS to their CDN (that can potentially bring down your site). They keep analyzing your website through out and if the traffic is found malicious they block. As you asked about competitors, ShieldSquare as a potential alternative, offers following benefits over Distil: Non-intrusive API integration that will not affect your website performance and uptime. Zero False Positives that will ensure that your genuine users are never troubled. I can offer more direction if I know more about your environment. Best Regards, StevenSteven ParkerSP
-
I have the ability to build Identity Access Mgmt. Where can I hire someone to backup my projects?
Can you give more detail about what you mean by backup your projects? This question is super vague... I can tell you about backup software, and backup systems if you are just looking to backup your work so you don't lose it in a disaster. I just am not sure that is what you mean seeing as you seem to want to share income with whomever helps you on this.Christopher Angulo-BertramCA
the startups.com platform
Copyright © 2025 Startups.com. All rights reserved.
