Release Notes: HIPAA Risk Assessment, ISO 27001, CSA STAR, Checkr, New Menu & More!

Welcome back to the December edition of #TheMonthlyByte! Yesterday, we announced the launch of our HIPAA and ISO 27001 software. Here’s a rundown of the new features and tools your team can use to make compliance suck less.

HIPAA Risk Assessment!

I gotta break some bad news to you. There is no such thing as “HIPAA Compliance”. Yep, it doesn't exist, not a thing. The HIPAA law is enforced by the Office of Civil Rights (OCR). The U.S. Department of Health and Human Services (HHS) does not endorse a HIPAA certification or compliance assessment or firm. The evaluation standard § 164.308(a)(8) requires covered entities to perform a periodic technical and non-technical evaluation that establishes the extent to which an entity’s security policies and procedures meet the security requirements. This evaluation can be performed internally or by an external auditor. Read more here.

This is important to know because we often run into customers who have been paying tens of thousands of dollars for HIPAA compliance certifications that are not recognized by the Office of Civil Rights or the HHS. While there may be cases where a customer wants you to get one of these “certifications”, it’s important to know you have another option.

Our new HIPAA Risk Assessment feature allows you to perform a collaborative, robust risk assessment that addresses the Security Rule (Privacy Rule coming soon) right in our platform. You can download an executive summary that can be provided to internal and external stakeholders who are interested in the safeguards you have in place to address the HIPAA Security Rule. When you sign up for the ByteChek platform, you’ll get to use this HIPAA feature along with the automated evidence collection and testing engine, NIST Risk Assessment, Information Security Policy generator, vendor reviews and much, much more.

Build your ISMS

We've built powerful ISO 27001 compliance software to help security teams build their Information Security Management System (ISMS) and prepare for ISO 27001 certification. We've built a solution that helps ByteChek customers quickly complete their required ISO 27001 Statement of Applicability (SoA) that summarizes their position on each of the 114 information security controls outlined in Annex A of ISO 27001. ByteChek customers can collaborate on the completion of their SoA with other team members directly on the platform. With our automated solution, companies can create required ISMS policies leveraging ByteChek's intuitive ISMS policy generator. They can customize and maintain the version history of policies that support the ISMS. We're excited to continue to develop features like our Statement of Applicability dashboard and many other ISO 27001-specific components.

New Menu

Oh yea - those are socks! We've simplified navigation on the ByteChek platform to help you quickly find all the ways we make compliance suck less.

New Home Dashboard!

We’ve made it easy to assess your compliance status and quickly get around the ByteChek platform to complete the tasks you need to accelerate your compliance journey.

CSA STAR Level 1

The Cloud Security Alliance Security, Trust, Assurance, and Risk (STAR) Registry allows cloud computing companies to publicly document their security and privacy controls. We support this transparency at ByteChek and developed an easy way for our customers to complete their Level 1 self-assessment and download a copy of the STAR Level 1: Security Questionnaire (CAIQ v4) to submit to the STAR Registry. You can learn more about the CSA and STAR Registry at https://cloudsecurityalliance.org/.

Checkr Integration

Automate the testing of your background check control. In SOC 2, you'll be asked to prove that new employees undergo a background check (or similar screening) before they are hired. The ByteChek Engine now automatically tests whether your new employees completed background checks before their hire date.

Additional updates!

We’ve updated our integration with GitHub to make things easier for our customers to automate change management testing. You can streamline the completion of your SOC 1 assessment with exciting updates to the SOC 1 dashboard and many more UI and feature improvements!

Check out what our customers are saying about working with ByteChek here.

Stephanie Kunkle-Timko

UNT Dallas College of Law, Class of 2026 - Legal Business Strategy, Legal Research, Legal Writing

2 years ago

Wow! Great work! (your writing is excellent.)

James Schickley

CISSP | CCSP | GPEN | GCIA | GCFA | Cybersecurity Engineer | Cloud Security | Vulnerability Management

2 years ago

Absolutely killin' it, AJ! Automation is a thing of beauty.

George Bailey

Director | Cybersecurity Professional | Board Member | Privacy Advocate | Technical Trainer | Threat Hunter | Mentor | Certified Professional | ISC2 Authorized Instructor

2 years ago

^ Office for Civil Rights.

Victoria N. Willis

Information Security Analyst | Data Privacy | Cybersecurity Nerd

2 years ago

This is GREAT! I can't tell you how many times I've told folks on what HIPAA is. Going to look into this.

Matt Mercer

VP of Sales @ Cyderes | Driving Growth with Customer-Centric Strategies

2 years ago

AJ Yawn Love the positive impact you guys are having on the security / compliance community. Keep up the good work my friend!
