Only scored where applicable to your business.
What this area covers
Also covered in this area
- Are you PCI DSS compliant? (if you accept card payments)
- If not applicable, why?
- Are you HIPAA / HITECH compliant? (if you handle PHI)
- If not applicable, why?
- Year of your last HIPAA audit
This library is general education, not advice about your specific organization. It describes what each control is and what strong practice looks like; whether and how any of it applies to you is your decision, in consultation with your carrier, broker, or counsel.