Greg Miller

Greg Miller is a Principal at Schellman. Greg leads the HITRUST service line. Greg has more than 20 years of combined audit experience in both public accounting and private industry.

  • Choosing the Correct SOC 2 Categories

    Choosing the Correct SOC 2 Categories

    Determining which SOC 2 Trust Services Categories (TSCs) to choose boils down to what categories are right for your business, services in scope, and customers.

    Read Article
  • Released! v8 - HITRUST Common Security Framework (CSF)

    Released! v8 - HITRUST Common Security Framework (CSF)

    The HITRUST Alliance, in its efforts to keep the framework up-to-date, provides new releases annually, being Version 8 of its Common Security Framework (CSF) their most recent one...

    Read Article
  • How Ethics Play a Role in  Creating a Successful Compliance Culture

    How Ethics Play a Role in Creating a Successful Compliance Culture

    They don’t call it a Compliancy and Ethics Program (CEP) for nothing. Though sometimes overlooked, ethics play an important role in the success of an organization’s compliance culture. Compliance...

    Read Article
  • FAQs to Help you Navigate HITRUST

    FAQs to Help you Navigate HITRUST

    As spending and data collection and creation in the healthcare industry increase, healthcare organizations are under immense pressure to improve quality, reduce complexity, and keep patient data...

    Read Article
  • What Business Associates Should Know About HITRUST Certification

    What Business Associates Should Know About HITRUST Certification

    So, you’ve been asked for a HITRUST certification? Odds are, 100 questions are racing through your head. Why would my organization be asked to hold this certification? What does certification even...

    Read Article
  • 5 Ways to Ensure Good Healthcare Security Hygiene

    5 Ways to Ensure Good Healthcare Security Hygiene

    Security is vital to the healthcare industry. Thirteen percent of CIOs, CTOs and CSOs reported being targeted by external threat attempts almost once a day, and 12 percent reported about two or...

    Read Article
  • Have No Fear: HITRUST Validated Assessment Process is Here

    Have No Fear: HITRUST Validated Assessment Process is Here

    Healthcare service providers are being told that they must begin their HITRUST Validated Assessment process soon, especially to meet the 2017 deadline for HITRUST Certification.  The looming...

    Read Article
  • Why CFOs Need to Spend More Time with the Compliance Department

    Why CFOs Need to Spend More Time with the Compliance Department

    Let’s face it — compliancy isn’t what it used to be. With mounting pressure for companies to embrace innovative technologies to maintain competitive edge, the compliance landscape has become...

    Read Article
  • Is HITRUST an All or Nothing Certification?

    Is HITRUST an All or Nothing Certification?

    Is HITRUST certification pass/fail or all or nothing? Must you achieve all 149 controls?  Although organizations are expected to implement all 149 controls as specified by their risk factors,...

    Read Article
  • Can I use the HITRUST certification to replace my SOC 1 or SOC 2 report?

    Can I use the HITRUST certification to replace my SOC 1 or SOC 2 report?

    Currently, HITRUST is not a replacement for SOC 1 or SOC 2 examinations. HITRUST and the AICPA have recently released a mapping document that identifies the CSF controls that are mapped to SOC 2...

    Read Article
  • HITRUST: A certifiable framework for the healthcare industry

    HITRUST: A certifiable framework for the healthcare industry

    The Health Information Trust Alliance (HITRUST) is an organization made up of leaders from a variety of industries, including Health Care, Security, and Information Technology, which was founded...

    Read Article
  • Ticketing System - How to Prove It?

    Ticketing System - How to Prove It?

    When working with clients to help identify control activities that may be in place, we auditors often find that clients have a hard time providing evidence to show that a given control activity...

    Read Article
  • Colocation Strategies – Perspectives from the Fall 2013 Data Center World Conference

    Colocation Strategies – Perspectives from the Fall 2013 Data Center World Conference

    I was honored to be part of a panel that spoke on Data Center Compliance during the Colocation Tutorial at Data Center World’s fall 2013 conference in Orlando, Florida. The theme of the tutorial...

    Read Article
  • Choosing the Correct SOC 2 Principles

    Choosing the Correct SOC 2 Principles

    via AccountingToday.com

    Read Article
  • loading
    Loading More...