Blog

Insights and expertise from Thoropass

Featured

Introducing NIST CSF, CMMC Level 1 and Cyber Essentials

Strengthen your baseline security posture and align with the latest industry guidance. Our platform and experts are here to help you move forward with clarity and speed.

Learn More

Latest posts

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Compliance /

SOC 2 Controls List Overview

Protecting customer data isn’t just about checking a compliance box—it’s about building trust. Whether you’re new to SOC 2 or looking to streamline an existing process, understanding which controls apply to your organization is pivotal.

Read Article
soc 2 controls list

Compliance /

HIPAA requirements for HealthTech SMBs

It can be difficult to translate vague, risk-focused HIPAA requirements into actionable controls and policies. What’s more, it takes significant time, money, and effort to become HIPAA-compliant.

Read Article

Compliance /

MOVEit or lose it: Lessons learned from the recent zero-day vulnerability

On May 27, 2023, a coordinated cyberattack began taking place against hundreds of organizations with one thing in common: Their use of MOVEit Transfer, a secure file-sharing tool relied upon by government agencies and private enterprises for securely sharing business-critical information. This article will break down how the incident unfolded and how organizations can better protect themselves from similar threat events.

Read Article
Close up photo of user typing on a keyboard

Compliance /

IT solutions powering the newest era of digital health compliance

Thoropass sat down with IT Brew to discuss IT solutions powering the newest era of digital health compliance. During the virtual event, leaders in the industry, including HITRUST expert, Jason Kor, and Jim Chou, CTO of Helix, discussed the current world of compliance and InfoSec regarding health tech and digital health solutions. Also included were tidbits on the latest in all things privacy and fraud mitigation and prevention and how IT is evolving to meet ever-growing demands.

Read Article
IT Brew LIVE image featuring Jason Kor

Compliance /

GDPR countries: What countries are covered by GDPR?

General Data Protection Regulation (GDPR) is designed to protect the fundamental rights and freedoms of individuals residing in the EU in relation to the processing of their personal data. It was designed to address the rapidly evolving digital landscape and the need for stronger data protection laws.

Read Article
Flags of GDPR countries in the European Union on display
Curated by experts

We provide the compliance expertise, so you don’t have to

At Thoropass, we’re more than a readiness solution. Our team of experts are equipped with insight and hands-on experience to provide you with industry-leading perspective and guidance.

Meet the Experts

Stay connected

Subscribe to receive new blog articles and updates from Thoropass in your inbox.

Thank you for subscribing! Be on the lookout for confirmation in your inbox!
Oops! Something went wrong while submitting the form.

Want to join our team?

Help Thoropass ensure that compliance never gets in the way of innovation.

View open roles

Have any feedback?

Drop us a line and we’ll be in touch.

Contact us
Get Started

Solutions

Get CompliantMaintain ComplianceIT Security Audits

Products & Services

Thoropass AuditCompliance AutomationPentestingThoropass AIAccess ReviewsSecurity QuestionnairesRisk AssessmentTrust CenterIntegrations and APIs

Frameworks

SOC 1SOC 2HIPAAHITRUSTCyber EssentialsGDPRISO 27001ISO 27018ISO 42001CMMC Level 1NIST CSF 2.0PCI DSSOther Frameworks

Industries

HealthcareSaaSFinTechOther Industries

Company

Our DifferenceMeet the ExpertsNewsroomCareersIndependence and ExcellenceBecome a PartnerTrust CenterContact us

Resources

Case StudiesBlogGuidesEventsHelp Center

Legal

MSADPAReport an IssueTerms and ConditionsPrivacy Policy

Leading by Example: Thoropass' Certifications

© Copyright 2025 Thoropass, Inc.