NIST, HIPAA and CFR Title 21 standards.
We are an MSP; we recently picked up a few clients that need to become compliant in the near future.
We have become fairly educated in NIST; for the most part, all standards look very similar.
My question is: “What did or do you do to be NIST, HIPAA or CFR Title 21 compliant?”
All sites are Windows 2012R2 domains; GPOs, AD user accounts and data security are in place.
We are using existing documentation as Templates.
If you can give us a few ideas, thoughts or resources to look at, that would be very helpful. The standards are rather ambiguous. We understand there is no certain way to do most of it. Do you use any software packages? Certain GPOs? Are there templates you know about? We would like to become more versed in these standards.
Please, only positive replies; I think we can all live without negative remarks.
Thanks for your help.