Privacy
Protect what matters most and build trust with your customers.
Privacy Services
Looking for more information? Click here for Privacy Services resource downloads.
Privacy matters. Take a security first approach to privacy with Drummond. With new mandates at the state and federal level, we are there with you every step of the journey. Our team of highly-skilled experts will help you implement the latest privacy controls so you can have better alignment between your security and privacy programs. And, as a compliance and certification expert, Drummond’s team will take an integrated approach to protect sensitive information across multiple mandates as needed. Our comprehensive suite of privacy services helps you achieve compliance with regulatory information security mandates for the following:
HITRUST
Many healthcare organizations are now requiring their Business Associates and Service Providers that either capture, store, or process Protected Health Information (PHI) to become Health Information Trust Alliance (HITRUST) Common Security Framework (CSF) Certified to protect PHI and comply with the HIPAA Privacy, Security, and HITECH regulations.
Drummond helps you achieve compliance and be prepared for these regulatory information security mandates. Experience our team of highly skilled experts – having completed over 275 certifications to date — ready to collaborate with you and your team on your HITUST certification and cybersecurity needs.
HIPAA
As a covered entity you are required to comply with the risk analysis requirement mandated by the HIPAA Security Rule, MACRA, Meaningful Use and other regulations.
Drummond helps you achieve HIPAA compliance as an independent third-party assessor and a recognized leader in Healthcare and HIPAA compliance – with over 200 HIPAA assessments completed to date. Our industry experienced healthcare compliance team will give you an objective view of potential risks and vulnerabilities to patient information and we will ensure that your security, privacy, compliance goals align with business goals and ultimately mitigate risk.
GDPR Compliance Attestations (ATC-315)
All US IT based businesses with customers in the EU are now required to comply with EU General Data Protection Regulation (GDPR) to provide your clients with confidence and trust they need to do business with you.
Drummond Assurances Services delivers an ATC 315 audit of GDPR so you can meet compliance obligations with existing customers and attract new customers by demonstrating your organization’s compliance with this important EU regulation. It also provides your investors, board of directors, and executive management critical information they need to manage GDPR compliance risk.
SOC 2 with Privacy
SOC 2 with Privacy expands on the traditional report on your organization’s internal controls as they relate to the AICPA Trust Services Criteria: Security, Availability, Processing Integrity, Confidentiality, and Privacy. This is for organizations that create, collect, transmit, use, store personal information, or that interact with the data subject. The SOC 2 Audit with Privacy report provides confidence to your customers that you have controls in place to protect their personal information.
Experience our team of highly skilled experts ready to collaborate with you and your team. Increase trust, gain expertise and experience our proven methodologies and attention to detail as we partner with you for your long-term success and help you implement and correct any identified security deficiencies.