Blog categories

My blog posts and tweets are my own, and do not necessarily represent the views of my current employer (ESG), my previous employers or any other party.

I do not do paid endorsements, so if I am appear to be a fan of something, it is based on my personal experience with it.

If I am not talking about your stuff, it is either because I haven't worked with it enough or because my mom taught me "if you can't say something nice ... "

vBlog: Regulatory Compliance vs Operational Readiness (3 of 4): HIPAA

This month, I am taking a look at the differences between ‘Regulatory Compliance’ and ‘Operational Readiness’ through a series of videos.

Regulatory Compliance

The efforts to check the boxes before audits – often mandated by an industry (e.g. HIPAA), corporate (SOX) or legal (DOD 5.015.2-STD).

Operational Readiness

The IT efforts to ensure that key IT systems and data are resilient through high availability (HA), disaster recovery (DR) or business continuity (BC) technologies and services.



First, I did an overview of the dichotomy between regulatory compliance and operational readiness (BC/DR/HA).

Last week, I looked at regulations that affect US financial institutions (SEC) and publicly-held companies (SOX).

This week, we’ll look at healthcare organizations and their regulatory mandates in HIPAA.

Week 3: Healthcare Organizations

Next week, we’ll look closer at what IT professionals delivering data protection in government organizations, agencies and contractors that are regulated by CO-OP.

Thanks for watching.

[Originally Posted on ESG’s Technical]

Leave a Reply

@JBuff on Twitter