The Health Insurance Portability and Accountability Act (HIPAA) establishes the standard for the management of sensitive patient data protection. Organizations that manage protected health information (PHI) need security measures in place and evidence they are followed to display they are HIPAA Compliance.
SureCloud Standards and Control Library
SureCloud supports multiple compliance frameworks and standards using our control mapping technology. Allowing you to directly import and update the frameworks and standards into your compliance solution seamlessly.
ISO 27001 Infomation security management system is a standard used for creating a framework on managing risks to the security of information you hold.
NIST Cybersecurity Framework (CSF) is U.S. Government guidance for private sector businesses that own, operate, or supply critical infrastructure. NIST CSF provides a base level of cybersecurity processes and essential controls.
Access all 850, out of the box, SCF controls that are rationalized and baselined against 150+ global regulations, frameworks and standards.
ISO 27017 Information technology — Security techniques — Code of practice for information security controls. This standard outlines the guidance and implementation of cloud-specific security controls.
The Cloud Security Alliance Cloud Controls Matrix (CCM) is specifically designed to provide fundamental security principles to guide cloud vendors and to assist prospective cloud customers in assessing the overall security risk of a cloud provider.
PCI DSS is the global data security standard that any business of any size must adhere to accept payment cards. It offers common-sense steps that mirror security best practices.
NIST 800-171 is U.S. Government guidance for protecting Controlled Unclassified Information.
ISO 27018 Information technology — Security techniques — Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors.
The ISF Standard of Good Practice for Information Security provides a business-orientated focus on current and emerging information security issues and helps organizations develop a practical framework for information security policies, standards and procedures.
NIST Privacy Framework is U.S. Government guidance to help organizations identify and manage privacy risk to build innovative products and services while protecting individuals’ privacy.
ISO 27002 Information technology — Security techniques — Code of practice for information security controls.
NIST 800-53 is U.S. Government guidance for all U.S. federal information systems except those related to national security. NIST 800-53 provides security and privacy controls.