Compliance

5/24/2018 Compliance

May 2018

With the General Data Protection Regulation (GDPR) legislation set to go into effect on May 25th of this year, it’s no surprise that there has been a plethora of questions come our way regarding this data protection regulations. Digital Edge's VP of Compliance answers the most commonly asked questions! 

5/22/2018 Compliance

Digital Edge Green Policy

Author: Danielle Johnsen (VP of Compliance)
Date: 22 May 2018
Version: 2.4

This document defines Digital Edge’s Green Policy.

5/22/2018 Compliance

Are You Ready for GDPR on May 25th?

Digital Edge is always working to stay compliant, which helps make compliance easier for your business.

5/21/2018 Compliance

Digital Edge General Data Protection Regulation Policy

Author: Danielle Johnsen (VP of Compliance)
Date: 21 May 2018
Version: 1.1

This document defines Digital Edge’s policy on General Data Protection Regulation of European Union and is based and principles.

5/17/2018 Compliance

Risk Driven Information Technology Organization

Or one may say Compliance Driven IT organization. As in the core of any today’s compliance lays Risk Management.

This article explains how to setup Risk Management practices for Cyber Security management. When it comes to Cyber Securty it's best to prepare for the worst-case scenario. It'll guide you on how to find ways to identify threats, face them and prepare to defend your business as well as give you templates to download to start your own risk management practice!

"The best garison is not the one that has lots of weapons but the one who has lot training."  

-M. Petrov CEO

 

5/11/2018 Compliance

April 2018

Last month, many New York State Financial Institutions received their scary “Failure to File Certification of Compliance” email and were perplexed by what to do next… Don’t fear, the Digital Edge's VP of Compliance is here to answer your many many submitted questions regarding NYS Department of Financial Services Part 500 Mandatory Cybersecurity Requirements! These are the questions for this month:

  • I thought I was exempt and now I’m being notified that I’m PAST DUE, what do I do next?
  • Where do I find a sample Certificate of Compliance? Do I have to create my own?
  • What does Entity ID mean on the portal?
  • Should I file this certificate if we are not yet in compliance with all applicable requirements of Part 500?
  • This law requires me to report any cyber-security breach, is there a particular time frame?
  • Are all Third-Party Service Providers required to implement Multi-Factor Authentication and encryption when dealing with a Covered Entity?
  • What constitutes "continuous monitoring" for purposes of 23 NYCRR 500.05?
4/5/2017 Compliance

ISO 27001:2013 High Level Information Security Policy

Author: Danielle Johnsen (VP of Compliance)
Date: 5 April 2017
Version: 2.0

This document defines Digital Edge’s policy on Information Security and is based on the following principles.

LET'S TALK: 800-714-5143