Ensuring the privacy and confidentiality of personal information is critical, particularly to those companies in the heavily regulated Financial Services and Healthcare industries, security and privacy provisions of either the Gramm-Leach-Bliley Act (GLBA) or the Health Insurance Portability and Accountability Act (HIPAA) make compliance challenging.

We offer a wide range of internal controls and risk assessment services to ensure compliance with these important information privacy laws and regulations.

Sirius Solutions provides a comprehensive approach to privacy compliance that addresses both the key GLBA and HIPAA requirements. Our approach assists organizations in implementing and assessing the effectiveness of the key processes and internal controls that protect the privacy and confidentiality of the company’s information, including:

• Administrative safeguards including privacy and security policies and procedures, training and awareness activities
• Physical security safeguards
• IT security safeguards including general controls, network and communication controls, application controls and business continuity/disaster recovery controls, information handling safeguards including security and controls concerning document handling, document destruction/disposal and document retention