ResourceCenter

3PHealth is a communications platform for health enterprises and their users, providing privacy and s curity solutions for the transfer of sensitive personal health information, not only between a primary care physician and her patient, but between the patient’s mobile device and connected medical devices. 3PHealth’s platform also manages patient consent to help users control the collection, flow, use, and assignment of their private data. Its technology also allows users to users to fine tune their sharing preferences in a secure fashion.

Briefly, 4A Security & Compliance is a global cybersecurity and compliance firm. With years of experience conducting information security and compliance assessments, 4A has developed a quantitative approach to the analysis of cyber risk that helps organizations prioritize security investments and strategies for risk management across the enterprise. 

Absio offers an easy-to-implement, cross-platform technology that enables applications, services and websites to automatically produce and manage encrypted data everywhere, all the time, by adding a few simple lines of code. Absio’s software-defined, Serverless Encryption™ technology functions across platforms and devices without requiring connection to a central server, providing strong data security without sacrificing data mobility or availability. Multi-language software development kits (SDKs) enable developers to easily integrate PKI-based authentication and data-level encryption into new and existing software. No need to manage keys and certificates, add hardware, or rely on a third-party service.

Alation is the first enterprise data catalog built for collaboration. It is used by people such as data consumers — data analysts, data scientists, business users; data curators — stewards of data, or data governors; and data creators — typically IT administrators who manage the storage, integration and dissemination of data.

Arcad has several software solutions for helping organizations with their data. Their Datachanger software helps a company with data configuration management. It identifies and maintains a list of configuration data and packages them into different versions. It builds audits for the data, and lets users see what data elements were changed, the before and after of the changes, who changed the data, and when. The company’s DOT Anonymizer allows testers to safely extract production data for testing.

Authernative is a developer of cutting-edge user authentication solutions backed by a strategic and industry leading 31 patent IP portfolio and Government certified technologies. Authernative’s innovative platform of authentication solutions provides new critical and strategic end-to-end security features and capabilities that uniquely solve today’s authentication and credential security challenges.

Authernative’s authentication technologies offer a consistent user experience across any platform or device, along with scalable security levels and a low TCO, enabling unique opportunities to protect and expand online and mobile services for consumers, enterprises and government.

BitSight offers a security rating platform designed to generate measurements on a company’s security performance on a daily basis, with ratings ranging from 250 to 900. The ratings are generated by the platform using algorithms to analyze prior security incidents and practices and can be used by companies to examine the impact of their risk mitigation efforts, while comparing their progress with rival companies. The platform allows for companies to engage with third parties and company stakeholders to collaborate on risk and data-driven security.

Bloomberg Law has released a privacy and data security tool to help privacy professionals stay up to date on privacy news from all around the world. The news is produced by Bloomberg reporters and editors, and can be seen in a News Activity Heat Map. Privacy professionals have also helped curate profiles on countries from around the world, focusing on key issues, privacy laws, and regulatory frameworks. The tool also has a timeline on major milestones regarding the EU General Data Protection Regulation, and an interactive tool designed to inform privacy professionals on newly passed laws and regulations. The tool gives professionals the ability to compare laws from within the U.S. and other countries.

BMI Imaging Systems provides HIPAA-compliant document scanning and electronic medical record management, enabling healthcare companies to safeguard patient medical information. BMI’s facilities are not shared with any other entities, are remotely monitored and feature secure access that meets Federal-level NIST SP 800-53 guidelines. Staff is trained in HIPAA compliance and document conversion procedures designed to conform to the paper and data requirements of HIPAA regulations. All sensitive records are secured with document and folder level security, check-in/check-out tracking system, read-only outputs and redaction.

Cyber Fraud and Risk Management

Ensure regulatory compliance and stop fraudulent activity and data theft with protection against cyber-attacks, insider threats, web and mobile fraud, payment fraud, and money laundering.

Healthcare privacy and data security

Following HIPAA and HITECH mandates, create a full cross-application audit trail of end-user access to protected health information, detect unauthorized user behavior in real-time, and replay interactions when needed to help detect and prevent fraud.

BreachRx is SaaS-based software that automatically generates tailored breach response plans in the aftermath of a data breach. The incident response platform helps companies recover from data breaches/cyber incidents more efficiently and in compliance with their regulatory and contractual obligations. Data breach response implicates several business functions, including IT, compliance, general counsel, outside counsel, communications/PR and the C-suite. BreachRx allows all these disparate areas of the business to collaborate on the response in one place, in real-time, and to automate as many parts of the process as possible.

Clearwater Compliance offers software designed to help companies create privacy and breach notification compliance programs. The software helps companies navigate through the 78 requirements of the HIPAA Privacy Rule and 10 requirements for the Breach Notification Interim Final Rule. The software helps organizations identify gaps in their privacy and breach notification programs, stores all compliance documentation in a central, secure location, creates and prioritizes remediation actions, and prepares documentation in case of an OCR audit. It also includes an Executive Dashboard that is updated as gaps are fixed.

Data Dynamics is a leader in intelligent file management solutions that empower enterprises to seamlessly analyze, move, manage and modernize critical data across hybrid, cloud and object-based storage infrastructures for true business transformation.

Dataguise’s platform helps an organization discover, audit, and monitor sensitive data in real time. The platform monitors all of the data whether it is within the enterprise or on in the cloud. Dataguise offers templates for companies to use to create their own policies, and allows them to build their own data elements. The dashboards on the platform allow an organization to determine who is accessing data and when, and sends alerts whenever sensitive data is discovered. The platform offers an automated method to encrypt all information within all data repositories and helps ensure companies are compliant with privacy and regulatory mandates.

Déjà vu Security has been a trusted provider of information security research and consulting services to some of the world’s largest and most-esteemed technology companies. Our expertise is in information security services where we provide our clients strategic insight, proactive advice, tactical assessment and outsourced development. For each client, we offer a full range of security services.

DeUmbra began with a simple principle: create cutting-edge technology solutions to secure the world by leveraging smart algorithms to find patterns in suspicious behavior among massive volumes of data. DeUmbra brings more than 15 years of research and development in network/graph analytics, machine learning, anomaly detection, natural language processing, social media analysis, and behavior analysis of structured data (e.g., SIGINT, transactional data). We have developed mature capabilities to identify entities (e.g., human individuals, networks, ships, usernames) of interest, track changes of the entities over time, identify likely adversarial entities/behaviors and anticipate their future activities, and identify entities of interest (e.g,. those vulnerable or prone to radicalization, recruiters, adversaries, etcetera).

ColorCodeIT is cloud-based software that calculates real-time updates on an organization’s regulatory compliance status, mapped to the exact language elements of the compliance standards themselves. AI and Natural Language Processing assist the standards parsing process, generating color-coded templates with core language metrics. During configuration, binary mapping to the organization’s digital evidence is completed. Updated files are imported from web containers to sustain compliance on an ongoing basis. Audit work papers are auto-populated from the database. Integrated risk is monitored on a calculative basis via live dashboard reporting, performing months of work by multiple resources in a fraction of a second.

DocEx allows protection and access-control for sensitive documents in-transit, internally or externally. Companies can maintain full custody, control and track forwards, views, prints, downloads, and all other actions. You can manage consents, authentications, watermarks, bates numbering, and geo-location rules. You can also manage service levels, revoke access manually or automatically, and download full reports for proof-of-compliance. Live policy enforcements, alerts, and dashboards make you proactive to threats and give you insights into the usage of your content. Additionally using custom policy templates, you can comply with GDPR, GLBA, Privacy Shield, Communications Act, and other regulations.

GarbleCloud is the "Data Privacy-as-a-Service" provider for the cloud. We enable businesses and individuals who need to protect their data that is strewn across multiple cloud-based platforms (such as Google Drive and Dropbox) — with an ultra-secure cost-effective solution. Garblecloud's patented technology harnesses the advances in cloud computing to enable encrypted file management at scale, without breaking the functionality of the various SaaS applications. This means that whether you are using Google Drive, DropBox, Slack, OneDrive or any other cloud-based application, you control how the application and other users access your data, for what purpose, in what form and for how long.

Ghostery offers several privacy solutions, including its Ad Notice tool, which helps organizations to give their consumers control to the ads served. This tool ensures companies stay compliant with AdChoices, while giving consumers transparency into what ads a company is delivering to them. Ghostery also has a GDPR Assessment Report to help companies comply with the upcoming regulation by identifying third-party activity on their website while offering privacy analysis.

Halo Privacy runs its solutions through its Halo – Corona privacy appliance, allowing for companies to use its collaboration and messaging applications. Halo offers software to let users bring all of their communications under one roof, providing private, real-time messaging and searchable archives. Halo also lets an organization secure all their information onto the privacy platform, and allows users to securely deliver emails on the platforms they currently use. The company also offers a secure VPN option.

Immuta’s hyperscale data management platform provides data scientists, data owners, and data governance professionals with rapid, personalized data access to dramatically improve the creation, deployment, and auditability of machine learning and AI. The Immuta platform connects and catalogs data from any enterprise source and applies dynamic policies on that data–including masking, anonymization, differential privacy, and purpose-based restrictions–without requiring any customized code. Immuta can be deployed on premise, on the cloud, or both, enabling faster virtual connections to data, seamless policy enforcement throughout the entire data science lifecycle, and managed, granular access controls for data and machine learning models.

Informatica is a data management and security company with market products in all categories of data management. Informatica’s data security helps organization detect and protect by locating and analyzing risk, monitoring and protecting structured and unstructured private and sensitive data. Its solutions classify and locate PII, how it’s accessed, and develops a risk score to prioritize remediation with the orchestration of data protection; including access controls, encryption, tokenization, and masking. Informatica’s platform also monitors data flows, access and behaviors, and alerts clients to unusual or anomalous events. They provide data anonymization and protection with dynamic and persistent data masking.

Ingalls Information Security is a Louisiana-based boutique computer security company with a mission to prevent and respond to data security breaches. We have responded to the largest data breaches in history and provide consulting services to the federal government and financial institutions, as well as to nonprofit organizations.

Our business and our passion to deliver outstanding cybersecurity risk management is fueled by the information we've gathered and the experience that these types of engagements provide. We have (in many cases, attorney-client) privileged views into the innards of the compromised networks and the cloud services of businesses and other organizations large and small. We use the knowledge we gain with this view — of what works and what doesn't, how it happened, and how to fix it — to provide our clients with the best possible risk management people, process and technologies at a price point that is affordable by anyone with a need to protect their information.