David Friend

Cloud Evolution – Why Multi-Cloud Will Win

Why Multi-Cloud Will Win When I was growing up in the 1970’s, IBM ruled the roost in corporate data centers. If you walked into a typical data center, nearly every piece of gear had an IBM logo on it and few believed that there were
/
Brand martech CMO

Martech: Brand Marketing is the New Demand Generation

First, An Apology Sorry, demand generation professionals. We still love you and your jobs aren’t going away. But, as you are well aware, the B2B buyer journey has changed—dramatically. Your roles, measurements, data sources, and tool sets have also transformed. All for the better. Meanwhile, building quality pipeline
/
Mobile security

It May Not Be Sexy, But Strict Compliance Delivers The Freedom To Innovate

Compliance and Business Innovation

When the U.S. based non-profit organization RHD | Resources for Human Development decided to move its operations into the cloud, one of its top priorities was compliance. As a company that prides itself on delivering compassionate, effective and innovative services that empower people to achieve the highest level of independence possible and to build better lives for themselves, RHD understood that compliance was vital to their operations.

A large portion of RHD’s funding comes from U.S. Government Health Programs. As such, compliance with the Health Insurance Portability and Accountability Act (HIPAA) was non-negotiable. HIPAA is a law designed to provide standards of protection for patients’ medical records and other health information provided to health plans, doctors, hospitals and other health care providers.

After an extensive search for the right cloud provider, they selected iland, because it “provided extensive reports showing the compliance of both the cloud platform and organizational processes to HIPAA along with SOC compliance reports. This gave RHD the confidence needed. They understood from these discussions that the target failover location would still maintain their HIPAA compliance.”

Why is compliance so valuable and important?

Compliance is like insurance. It’s not the most fun thing to talk about, and it often does not feature prominently in a company’s marketing materials, but the process of making sure that a company follows the laws, regulations, and ethical practices that apply to its industry as well as any part of the globe that it touches, is essential.

When a company attains compliance, it:

  • Reduces organizational and individual risk
  • Allows employees to operate with more confidence
  • Ensures availability of more reliable data
  • Levels the playing field between operators of all sizes.

Staying in compliance helps a business realize its mission and operate with the security of knowing that the data being handled on behalf of clients or customers is safe.

Abacus Group CTO Paul Ponzeka explains, “As more and more firms move operations into the cloud, they’re facing the increasingly difficult task of maintaining governance and control over applications, workflow and data. As application vendors increase their use and development of public cloud resources, users are following them. Firms need to adapt their compliance policies to encompass this new landscape. This means adopting proper use protocols for mobile and remote devices, as well as increasing use of security controls and review systems to get more transparency of how their data is being used. Gone are the days where a policy can state, ‘if it’s behind our fence, it’s controlled.’”

The details of compliance are often hard to understand, so it is advisable to work with a certified, experienced professional. iland has an in-house team of certified compliance staff that is ready to help ensure its clients have the necessary documentation to fulfill audit requirements in the U.S. the EMEA (Europe, the Middle East and Africa), and APAC (the Asia-Pacific Region). The iland Compliance Professional Services team works hand-in-hand with customers and channel partners to help address customer compliance demands.

iland has natively integrated advanced security features into its cloud platform, ensuring compliance with industry and governmental regulations. “Achieving a CSA Gold Certification validates the active security and risk programs in place at iland that helps identify, mitigate, and monitor information security risks to the scope of our management system,” said Frank Krieger, Director of Compliance at iland.

The most common categories of compliance

  • HIPAA (Health Insurance Portability and Accountability Act): A collection of U.S. regulations that sets the standard for sensitive patient data protection. Companies that deal with protected health information (PHI) must have physical, network, and process security measures in place and follow them to ensure HIPAA compliance.
  • GDPR (General Data Protection Regulation): European Union (EU) regulation on data protection and privacy for all individual citizens of the European Union and the European Economic Area. It also addresses the export of personal data outside the EU and EEA areas.
  • CJIS (Criminal Justice Information Services): Requirements outlined for CJIS such as networking, remote access, encryption, certification of cryptographic modules, and minimum key lengths are all enforced for customers utilizing the CJIS services.
  • PCI-DSS: (Payment Card Industry): Security requirements are not to be taken lightly, since breaches continue to occur at an unprecedented rate. Both with internal auditors and external third-party audits, iland maintains strict adherence to PCI-DSS standards used in the housing and processing of payment card activities.

For most organizations, the prospect of trying to establish and maintain compliance can feel overwhelming, and there is no doubt it diminishes any employee’s ability to focus on the work that they were hired to do in the first place. That’s why so many companies are outsourcing their compliance needs to their cloud providers, in the understanding that those companies have procedures in place, and qualified personnel who can manage their compliance status and ensure that they stay on the right side of the law.

To find out more about how iland can help you ensure overall compliance, get in touch today with one of our expert consultants.

By Steve Prentice

  • Steves Articles
Senior CloudTweaks Writer
Steve Prentice is a project manager, writer, speaker and expert on productivity in the workplace, specifically the juncture where people and technology intersect. He is a senior writer for CloudTweaks.
follow me
Kris Lahri

What the Dyn DDoS Attacks Taught Us About Cloud-Only EFSS

DDoS Attacks October 21st, 2016 went into the annals of Internet history for the large scale Distributed Denial of Service (DDoS) attacks that made popular Internet ...
The Massive Growth of the IoT Services Market

The Massive Growth of the IoT Services Market

Growth of the IoT Services While the Internet of Things has become a popular concept among tech crowds, the consumer IoT remains fragmented. Top companies ...
As Enterprises Execute Their Digital Strategies, New Multi-cloud Landscape Emerge

As Enterprises Execute Their Digital Strategies, New Multi-cloud Landscape Emerge

The Multi-cloud Landscape The digital universe is expanding rapidly, and cloud computing is building the foundation for almost infinite use cases and applications. Hence, it’s ...
Amazon logo

Amazon Expands Chicago Tech Hub and Announces Plans to Create 400 New Tech Jobs

/
Amazon to double its tech workforce in downtown Chicago Tomorrow, September 17th, Amazon will hold ‘Amazon Career Day’ event in Chicago for job seekers to learn more about the hundreds of open positions across Illinois—candidates can register ...
400 Million Medical Radiological Images Exposed on the Internet

400 Million Medical Radiological Images Exposed on the Internet

/
An analysis of medical image storage systems exposed to the public web reveals that almost 600 servers in 52 countries are completely unprotected against unauthorized access. Audited systems were unpatched ...
The Guardian

Google, Facebook, Amazon and Apple asked to turn over internal documents

/
The US government’s investigations into big tech widened on Friday as lawmakers announced they were seeking internal documents from Google, Facebook, Amazon and Apple. Letters went out to the four ...

TRENDING | TECH NEWS