While the process of assessing and maintaining compliance with standards is the same across all industries, the specific rules that must be followed vary. That means policies and procedures may differ, different data may need to be collected, and different questions may need to be answered.
That’s why we have different modules that can be used with the Compliance Manager platform. The basic Compliance Manager subscription includes a license to use all compliance standard modules for your first 10 client sites. Each site consumes only one license, no matter how many standards you apply to that site. Additional client site licenses can be purchased individually for just $50/site per month.
This module manages everything associated with HIPAA’s Security Rule. It is designed to be used by any HIPAA “Covered Entity” (any organization in the healthcare industry) as well as any “Business Associate” (any company that works with a Covered Entity that may have physical or electronic access to patient information). It includes everything you need to automatically generate evidence of compliance in the event of an audit.
This module manages everything associated with assessing and maintaining compliance with the strict EU General Data Protection Rule (GDPR). The module is purpose-built to address each of the rules included in the sweeping regulation, and automatically flags areas of non-compliance, along with instructions on what to do about it.
This module enables you to apply the principles and best practices of risk management to improving the security and resilience of your clients’ IT infrastructures – regardless of their size, degree of cybersecurity risk, or cybersecurity sophistication. A workflow automation engine guides you through the entire process, identifying gaps and non-compliance with cybersecurity policies.
With built-in application questions taken directly from dozens of the largest cyber insurance companies, there’s no guesswork when it comes to compliance with your policy terms. This module quickly reveals specific red flags that may prevent you from getting paid in the event of a claim, and tells you what to do to fix them. Then, if you ever do need to make a claim, you’ll have proof of the Due Care necessary to compel the insurance company to pay.
This module guides you through the CMMC certification-preparation process and, once you are certified, helps you document your ongoing compliance with the standard. CMMC stands for “Cybersecurity Maturity Model Certification” and is the new standard that all 300,000 Department of Defense prime and sub-contractors must achieve in order to bid on any new or renewing government contracts. There are 5 levels of certification under this standard, and the vast majority of contracts will require Levels 1-3. The CMMC module is purpose-built and addresses Levels 1-3 assessments as well as the DoD NIST 800-171 Self-Assessment. This module also generates detailed compliance reporting that documents the CMMC controls that have been implemented in preparation for certification by a Certified Third-Party Assessment Organization.