Milliman Security Management System MS2 Home | Contact | Site Map | Milliman    
Milliman Security Management System
Overview
MS2
MS2:VM
 

Compliance FAQs

 

What is the definition of common control?

 

Common control exists if an entity has the power, directly or indirectly, to significantly influence or direct the actions or policies of another entity. Organizations (or covered entities under HIPAA) that are responsible for sensitive information (or Protected Health Information under HIPAA) must assure implementation of appropriate safeguards in situations in which they exert common control. These safeguards must ensure that sensitive information, whether used internally or shared with contracted vendors or other business associates, has the minimum level of protection deemed necessary by the entity with the overall responsibility for the information.

 

 

 

 

 

 

 

 

 

 
Compliance FAQs

How does MS2 help implement and maintain an effective security compliance program?


How does MS2 help ensure that the proper security safeguards are in place?


How does MS2 help your organization comply with Sarbanes-Oxley?


How does MS2 help with Gramm-Leach-Bliley Act (GLBA) compliance?


Are all the elements of the GLBA Safeguard Rule included in MS2?


What kind of security risk assessment methodology does MS2 use and does it conform to NIST (National Institute of Standards) protocols?


Why does MS2 map controls to standards such as NIST and ISO?


What is the ISO 17799 standard, and why is it so important?


Does MS2 calculate a Return of Investment (ROI) for the security gaps identified during the risk and gap assessment?


How does MS2 help achieve HIPAA compliance?


Which features in MS2 help organizations achieve HIPAA Security compliance?


What is the definition of common control?

 

If my vendor says that the system we are using is HIPAA Security compliant, does that mean we are also HIPAA Security compliant?