Blog
Insights and expertise from Thoropass
Introducing NIST CSF, CMMC Level 1 and Cyber Essentials
Strengthen your baseline security posture and align with the latest industry guidance. Our platform and experts are here to help you move forward with clarity and speed.
Compliance /
Why every business needs a business continuity and disaster recovery plan
A business continuity and disaster recovery plan will strike many business owners as a ‘nice to have’ rather than a must-have. Or you might think it’s essential for certain business functions (like IT) but less important in others (like PR, Comms, or HR teams.)
Compliance /
Your guide to implementing an ISO 27001 backup policy template
Surviving in the modern business world without a properly aligned backup policy template for your information security infrastructure is like jumping out of an airplane without a parachute. Business continuity, data protection, compliance, and disaster recovery are all tied to the ISO 27001 security framework, so not having a backup policy in place in your business continuity plan can spell disaster for your entire organization.
Compliance /
The FTC sets sights on healthcare tech
There is an adage in the compliance world that most organizations would do well to heed: Say what you do, do what you say. Failure to abide by this seemingly simple statement may have catastrophic consequences for your business. Consequences that extend beyond monetary losses and increased regulatory oversight to reputational damage and lack of consumer trust. In no area is this concept more important than in the healthcare industry, which is the third largest sector in the United States and accounted for nearly $4.3 trillion in revenue in 2021. While plenty of opportunity exists in the healthcare space, the business risk is equally great considering the types of sensitive personal data that are regularly collected, manipulated, and studied; especially as that data is aggregated and manipulated for predictive purposes (a fairly recent phenomenon known as Big Data).
Compliance /
HITRUST: What’s e1 got to do with it?
HITRUST has gained a lot of traction in the industry in the last decade. More and more, healthcare institutions, providers, and clearinghouses require it—and it’s not limited to them! But what exactly are they demanding?
Compliance /
What is the HITRUST CSF: A breakdown
No company wants to be subjected to a cyberattack or security threat, so protecting your digital information and technology is critical. Though there are countless information security frameworks and assessments available, the HITRUST CSF and HITRUST Validated Assessments with Certification are often regarded as the gold standard.
We provide the compliance expertise, so you don’t have to
At Thoropass, we’re more than a readiness solution. Our team of experts are equipped with insight and hands-on experience to provide you with industry-leading perspective and guidance.
Stay connected
Subscribe to receive new blog articles and updates from Thoropass in your inbox.
Want to join our team?
Help Thoropass ensure that compliance never gets in the way of innovation.
.png)
