Compliance & Audit

  • New York SHIELD Act - The SHIELD Act amends the State’s current data breach notification law, imposing more expansive data security and data breach notification requirements on companies, in the hope of ensuring better protection for New York residents from data breaches of their private information.
  • DFS regulation 23 NYCRR 500 - In New York State, Governor Andrew M. Cuomo announced the first-in-the-nation cybersecurity regulation to protect New York’s financial services industry and consumers from the ever-growing threat of cyber-attacks.
  • HIPAA-compliant GAP Analysis - To conform to HIPAA’s 3 Safeguards, 22 standards, and 53 implementation specifications.
  • Meaningful Use Risk Analysis – The first item required by HIPAA and a core requirement for Meaningful Use funding.
  • Business Continuity Planning – A HIPAA requirement and the key to your organizational survival.
  • Security Incident Management – Breach remediation, mitigation and management as required by HIPAA.

Consider these examples:

  • A 5-doctor practice was fined $100,000 for sending patient data through unsecure e-mail.
  • A State Health Department paid $1.7 million after they lost a single backup drive.
  • A Teaching Hospital paid $1.5 million for a stolen laptop that contained 3,600 unencrypted patient records.
  • DFS announces Lincoln Financial Group has paid $50.7 million to beneficiaries of New York policy holders for lost insurance claims.

“All of these situations could have been avoided for a fraction of the cost with proper consultation and remediation. NERO Consulting will help you create a culture of compliance within your practice. We provide all the tools and training to take the steps to create documentation, policies, and monitoring for everyday activities in your office.”