Helping DIB Contractors, Healthcare Professionals and others navigate the ever-changing world of cybersecurity regulations.
Achieving regulatory compliance can be daunting, especially when the rules keep changing. It's smart to have a partner like Ember Technology: an experienced, highly trained, and detail-oriented team who knows all the ropes - so you don't have to.
The Department of Defense (DoD) created the Cybersecurity Maturity Model Certification (CMMC) program in 2019, based on the cybersecurity guidelines already laid out in the National Institute of Standards and Technology's Special Publications 800 series (NIST 800 or NIST SP800).
Contractors in the Defense Industrial Base (DIB) need to be compliant with CMMC in order to win and service DoD acquisition contracts. CMMC is there to protect sensitive information involving DoD projects, the contractors themselves, and the final products against the increasing threat of cyberattack, malware, and compromise.
However, several major changes and updates to the program have made keeping full compliance difficult.
That is where experts like Ember come in, to assist contractors and subcontractors with keeping current, compliant, and secure.
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) was enacted to modernize the handling of healthcare information and ensure patient privacy.
Among other things, HIPAA stipulates how personally identifiable information (PII) or protected health information (PHI) needs to be handled and maintained by the healthcare and health insurance industries, in order to protect patient privacy, and guard against fraud and theft.
By now, most Americans are familiar with HIPAA's Privacy Rule, which covers how, and with whom, patient information can be shared. Less well known is HIPAA's Security Rule, which dictates how covered entities protect and secure their PHI in electronic form (e-PHI). This is where the cybersecurity component of compliance comes into play, and it is arguably the more difficult portion to comply with.
To comply with the HIPAA Security Rule, all covered entities must:
We begin by determining your Compliance Level.
We evaluate your current situation and deliver a thorough Readiness Assessment.
We prepare a System Security Plan (SSP) and Plan of Action & Milestones (POAM) to map out your journey to compliance.
You and your IT team implement the changes listed on your POAM.
We can suggest a qualified IT company if you don't currently have one.
Ember Technology was founded by a pair of tech industry veterans with well over twenty years of experience in the field, who wished to focus their efforts on regulatory compliance.
The Ember team includes Registered Practitioners (RPs), a Certified CMMC Professional (CCP-pending), and a Provisional Instructor (PI) who are registered with the Cyber AB (formerly CMMC-AB).
Ember Technology
Powered by Soteria Technology Solutions