HITRUST Compliance & Consulting Services for Houston, TX Healthcare Organizations

FLANK, a leading provider of compliance services for Texas businesses, offers comprehensive HITRUST compliance & consulting services for Houston, TX healthcare organizations. HITRUST has now become one of the most requested regulatory compliance reports, which means literally tens of thousands of businesses throughout North America must become compliant.

Houston, with a large number of healthcare professionals, has a growing number of businesses seeking highly-qualified, HITRUST professionals, and FLANK is Houston’s leading provider of HITRUST compliance & consulting services.  FLANK offers the following HITRUST compliance & consulting services for Houston, TX businesses:

HITRUST Readiness & Gap Assessments

The HITRUST Common Security Framework (CSF) has two main challenges for healthcare providers. First, it’s an incredibly lengthy, comprehensive, and complex document. Second, it is constantly being revised and updated. These two variables create immense issues for healthcare organizations trying to keep pace with growing regulatory compliance mandates.

Because of these very challenges, it’s highly important to perform a HITRUST readiness & gap assessment. Benefits of such an assessment include the following: (1). Gaining a strong understanding of scope in terms of business processes to be assessed, personnel and physical locations involved. (2). What third-party entities are to be included in the assessment, and more. Furthermore, you’ll be able to readily identify gaps and deficiencies that require immediate attention prior to even thinking about performing a HITRUST assessment by qualified auditors.

HITRUST Toolkit with Policy Templates for Houston Businesses

We hear the story time and time again, and it’s the following: “We need help in writing policies and procedures for HITRUST compliance, so do you offer such services and policy toolkits and templates?” The cold-hard truth is that one of the most demanding and time-consuming aspects of becoming HITRUST compliant is developing policies and procedures, and its why FLANK has developed the HITRUST Policy Template Toolkit.

Continue reading
17 Hits

Security Policy Templates, Examples, Samples | Hundreds Available | Download

Security Policy Templates | Hundreds Available for Download

Security policy templates, examples, and samples are offered as part of the all-inclusive set of documents from FLANK, a global leader in the field of security documentation for all types of organizations, regardless of size, industry, or location. Security policy template are a must-have, as every business has a justified need to document their technology processes and procedures for a number of obvious reasons. First and foremost, security policy templates help organizations in documenting one’s overall technology infrastructure, starting with the network layer, all the way down into internal hosts, of which many are in virtualized environments.

Who are We? We’re FLANK. Learn About our 3 Point Stance!

1. Providers of World-Class InfoSec & Compliance Policy Templates & Toolkits2. Saving Businesses Thousands of Dollars with Outsourced Compliance Service Offerings3. Offering set fees for Security, Governance, and Regulatory Compliance Assessment & Audit Services

One of the larger, more pressing demands on businesses today is having security policy templates for regulatory compliance needs. Just stop and think about all the laws, mandates, and security audits, requiring documented policies and procedures - here’s the short list: Payment Card Industry Data Security Standards (PCI DSS), SSAE 18, HIPAA, GLBA, Sarbanes-Oxley (SOX), FISMA, DFARS, and much more.

Hundreds of Security Policy Templates Available for Download

What businesses need today are security policy templates developed by seasoned veterans from the I.T. community - comprehensive documentation that truly encompasses what organizations need from an information security perspective. With the FLANK21 set of operational, business specific, and information security policies, procedures – and more – you’ll get the very best security policy templates found anywhere today.

Security Policy Templates from a Global Leader in Security

FLANK is a recognized global provider of policies, procedures, provisioning and hardening checklists - and other supporting documentation - for companies seeking the highest quality security policy templates, examples, and samples found anywhere. Our talented staff - which includes systems and network engineers, regulatory compliance auditors, along with C level management - have spent years working together in developing what’s arguably some of the most complete and comprehensive set of security policy templates, examples, and samples found anywhere. A quick summary of the FLANK21 set of documents (available for purchase and immediate download) shows just how in-depth and comprehensive our material is:

Continue reading
34 Hits

GDPR Policy Templates for Download – Get Compliant

GDPR Policy Templates & Toolkit for Instant Download

FLANK offer GDPR policy templates and policies & procedures for instant download today for businesses all throughout the globe looking for high-quality, professionally developed policies and procedures for the General Data Protection Regulation. With a compliance deadline of May, 2018 fast approaching (as of this writing), controllers and processors are no doubt working hard in putting together a compliance framework that meets the stringent guidelines of the GDPR.

Missed the deadline of May, 2018 and still need assistance? Then start saving dozens of hours and thousands of dollars on GDPR compliance by instantly downloading the GDPR All-in-One Global Compliance Toolkit containing hundreds of pages of GDPR policy templates. For GDPR consulting and compliance services, please email us at This email address is being protected from spambots. You need JavaScript enabled to view it. today.

Get Compliant - Download GDPR Policy Templates & Toolkit Now

What’s missing and what’s causing the compliance headache? GDPR policy templates. Specifically, controllers and processors are having a difficult time finding high-quality templates and then the time for authoring GDPR documentation. Not anymore, thanks to FLANK. Businesses can now download the GDPR All-in-One Global Compliance Toolkit containing hundreds of pages of GDPR policy templates.Our GDPR All-in-One Global Compliance Toolkit includes the following essential compliance documents:

1. GDPR Compliance Requirements and Overview Matrix2. GDPR Mapping to ISO 27001/270012 Matrix3. GDPR Compliance Checklist4. ISO 27001/27002: 2013 All-in-One Toolkit5. Information Security & Cybersecurity Policy and Procedures Manual6. Incident Response and Breach Reporting Program – GDPR 7. Breach Notice Letter (Enhanced for GDPR)8. Third-Party Due-Diligence & Vendor Management Program – GDPR9. Data Privacy Notices for Websites (enhanced for GDPR)10. Data Processing Policy and Procedures - GDPR11. Data Processing for Special Categories Policy and Procedures - GDPR12. GDPR Data Protection Impact Assessment (DPIA) Template Program13. Data Protection Officer (DPO) Policy and Procedures - GDPR14. Data Protection Policy and Procedures – GDPR15. Data Quality Policy and Procedures - GDPR16. GDPR Consent Checklist17. Personal Data Inventory Matrix for Data Subjects - GDPR18. Records of Processing Activities Matrix for Data Subjects - GDPR19. Right of Access Policy and Procedures - GDPR 20. Right to Data Portability Policy and Procedures - GDPR 21. Right to Erasure Policy and Procedures - GDPR 22. Right to Object Policy and Procedures - GDPR23. Right to Rectification Policy and Procedures - GDPR24. Right to Restriction Policy and Procedures – GDPR

Authoring GDPR policies and procedures can be an incredibly tedious undertaking, especially when you have little to no templates to start with. Not anymore, thanks to the compliance experts at FLANK who offer world-class GDPR policy documentation that’s available for instant download today. Becoming GDPR compliant has never been quicker or easier, thanks to FLANK’s world-class documentation.

Continue reading
53 Hits

What is FISMA and NIST?

What is FISMA and NIST?

A: FISMA stands for the Federal Information Security Modernization Act (FISMA) of 2014, It is US legislation creating a comprehensive framework for protecting government information, operations and assets against man-made or natural threats. It is in fact an enhanced version of the original Federal Information Security Management Act signed into law by President George W. Bush in 2002.

NIST, is the acronym for the National Institute of Standards and Technology (NIST), a standards body within the federal government that puts forth a wide-range of publications that set the standards for recommended security controls.

Organizations all throughout North America need to have a solid understanding of the role of FISMA & NIST as federal cybersecurity requirements continue to grow.

What is NIST SP 800-53?

Simply stated, NIST SP 800-53 requires federal contractors to put in place comprehensive information security and privacy policies, procedures, processes, and related internal controls.

It’s a “Special Publication,” titled Security and Privacy Controls for Information Systems and Organizations, and it is one of the most well-respected, well-known, and comprehensive security publications found anywhere in the world. It contains a prescriptive listing of control families and related security and privacy controls that federal contractors need to have in place for becoming FISMA compliant.

Continue reading
74 Hits

Writing Information Security Policies and Procedures is What We Do Best!

Writing Information Security Policies and Procedures is What We Do Best!

Writing information security policies and procedures is a very time-consuming, arduous task, to say the least. As a business owner or employee, you have to set aside important tasks, find a set of high quality templates - or even worse - dust off those antiquated shelf-ware policies and procedures written years ago. Isn’t there a better way of writing information security policies and procedures? There is, and it starts with FLANK, a global leader in providing documented policies, procedures, forms and checklists for literally anything related to information security.

Who are We? We’re FLANK. Learn About our 3 Point Stance!

1. Providers of World-Class InfoSec & Compliance Policy Templates & Toolkits.2. Saving Businesses Thousands of Dollars with Outsourced Compliance Service Offerings.3. Offering set fees for Security, Governance, and Regulatory Compliance Assessment & Audit Services.

FLANK and their trusted consultants, who range from network engineers, consultants, auditors to C level management, have put together one of the most in-depth and comprehensive set of information security policies you will find anywhere. It's called the FLANK21 – just how comprehensive are these documents - consider the following:

Hundreds of policies, procedures, forms, and checklistsProvisioning and hardening documents for ensuring all I.T. systems are properly secured before being deployed out on a network.Dozens and dozens of sections and categoriesDocumentation for many of today’s growing fields within information technology, such as cloud computing and virtualization.Extremely detailed and well-written, and growing everyday - thanks to our talented and skillful staff, who are constantly adding more and more quality documents all the time!Developed utilizing various provisions from some of the world’s most recognized information technology benchmarks, standards, and frameworks.Writing Information Security Policies and Procedures is Now Easier than Ever

What’s more, writing information security policies and procedures is easy with the FLANK21 set of documents as it contains literally hundreds of policies, procedures, forms and checklists for every conceivable area or platform related to information security, such as the following:

Network Devices-Templates specifically tailored toward routers, switches, firewalls and more!Operating Systems-Documentation provided for all major operating system platforms, such as Microsoft Windows (their 2003 to 2012 server line), UNIX and all commonly used Linux distributions, (RHEL, etc.)Databases-Policies and procedure documents for MS SQL Server, MySQL, Oracle, and PostgreSQL.Web Servers-Templates for Apache, Tomcat, IIS and more!

But filling out policy templates is one thing, actually have a set of comprehensive procedures and supporting provisioning and hardening documents is what’s also needed when it comes to writing information security policies and procedures. After all, what good is an information security policy if an organization doesn't have supporting procedures for the stated policy or even provisioning and hardening documents describing how to secure system resources?

Continue reading
63 Hits

FISMA Compliance & Certification Services for Federal Contractors in Texas

FISMA Compliance & Certification Services for Federal Contractors in Texas

FLANK offers comprehensive, fixed-fee FISMA compliance & certification services – and FISMA policy toolkits – for federal contractors all throughout the state of Texas. With hundreds of federal contractors located in Dallas, Houston, Austin, San Antonio – and numerous other locations – such entities are being required to comply with the Federal Information Security Management Act (FISMA) of 2002, which was amended in 2014 and re-named the Federal Information Security Modernization Act (FISMA).

As for FISMA, it’s without question one of the most in-depth and complex compliance mandates, due largely to the fact that becoming compliant means adhering to the controls put forth in NIST SP 800-53. From Access Control (AC) to Program Management (PM), the family of controls within NIST SP 800-53 require a healthy dose of FISMA policies, procedures, and processes to be in place – so turn to the Texas FISMA compliance experts today at FLANK.

Proven FISMA Service and Solutions for Texas Businesses

We offer a variety of services and solutions for helping Texas businesses with FISMA compliance & certification, such as the following:

Fixed-Fee FISMA Readiness & Gap Assessments:  Want to become FISMA compliant in an efficient and cost-effective manner, then Texas businesses would be well-served by performing a FISMA readiness & gap assessment. Brief, cost-effective, yet incredibly useful, such an assessment helps to identify and confirm critical scoping boundaries, missing documentation (i.e., FISMA policies and procedures), along with internal controls requiring immediate remediation. If you’re new to the world of federal compliance, then a FISMA readiness & gap assessment is an absolute must.

One of the biggest challenges faced by federal contractors with FISMA compliance is trying to eliminate the dreaded scope creep. Often times, engagements get bogged down as both sides (i.e., the FISMA assessor and the client) are unsure as to what business functions are to be examined, what personnel are involved, physical locations to be assessed, and much more. This can create an issue where FISMA compliance & certification can spiral out of control, creating immense challenges and cost overruns. How to avoid such a nightmare? Perform a FISMA readiness & gap assessment with FLANK. Contact us today at This email address is being protected from spambots. You need JavaScript enabled to view it. to learn more.

Continue reading
90 Hits

Network Security Policy Templates, Samples for Download

Network Security Policy Templates, Samples for Download

Network security policy templates, samples, and best practices are a vital necessity in today's growing world of regulatory compliance. There’s literally dozens and dozens of State, Federal, and global laws requiring documented network security policy templates and best practices be in place for proving to auditors of one's security practices.

Unfortunately, most businesses fail miserably when trying to develop their own set of network security policy templates and best practices because they don't have the time or resources for developing comprehensive information security documents. What’s needed is a trusted source and a global leader in providing documented policies, processes, forms and checklists for developing your very own network security policy templates, samples, and best practices.

We’re FLANK. Learn About our 3 Point Stance!

1. Providers of World-Class InfoSec & Compliance Policy Templates & Toolkits.2. Saving Businesses Thousands of Dollars with Outsourced Compliance Service Offerings.3. Offering set fees for Security, Governance, and Regulatory Compliance Assessment & Audit Services.

Over 5,000 Pages of InfoSec and Network Security Policy Templates – Get them Now

FLANK has spent years developing what is without question some of the most in-depth and comprehensive set of information security documents found anywhere - it’s called the FLANK21 set of documents that contains hundreds of network security policy templates, samples, best practices, and so much more. Sure, we provide industry leading policies and procedures - but so much more - such as essential operational and business specific documents, along with a laundry list of forms, checklists, and templates.

The network security policy templates, samples, and best practices contained within the FLANK21 set of documents contains policies, procedures, forms and checklists for many of the most commonly used firewalls and routers, ranging from Cisco appliances to Palo Alto, just to name a select few. What's more, included also are hundreds of other policy and procedure templates for all major databases (1. MS SQL Server. 2. MySQL. 3. Oracle. 4. PostgreSQL), web server applications (1. Tomcat. 2. Apache. 3. IIS. 4. JBoss), operating systems (1. Microsoft Windows Server line. 2. UNIX. 3. Linux distributions), and many, many more!

Continue reading
89 Hits

FISMA & NIST SP 800-53 and SP 800-171 Security Policies

FISMA & NIST SP 800-53 and SP 800-171 Information Security Policies and Policy Packets & Writing Services

FLANK offers industry leading FISMA and NIST SP 800-53 policy packets and NIST SP 800-171 information security policies and procedures packets, along with custom InfoSec policy writing services.  In today’s growing world of national security and cybersecurity threats, the federal government has started to aggressively enforce the FISMA mandates signed into law in 2002 (then amended in 2014).

While federal agencies have been working hard on FISMA compliance since 2002, the private sector is now the focus, with contractors being required to adhere to the Federal Information Security Management Act of 2002 (FISMA) and the now enhanced Federal Information Security Modernization Act of 2014 (FISMA).  FLANK can also assist with all aspects of the FISMA certification & accreditation process.

You Need Policies and Procedures for FISMA Compliance

FISMA, like many of today’s security, governance, and compliance mandates, requires a vast amount of documentation to be in place – specifically – information security policies and procedures covering essential I.T. domains within the NIST SP 800-53 publication, and other supporting 800 series documents. From change management to incident response, data backup – and much more – FISMA is all about documentation.

There’s no question a large security and technical element that has to be tended to in terms of FISMA compliance – two-factor authentication, file integrity monitoring, vulnerability scanning, and more – but that’s often well-known. It’s the documentation aspect that’s often overlooked with comments that usually begin with “we have no InfoSec policies and procedures, and we’re not really sure where to start.” 

With FLANK, you have two (2) options. We can author all of your FISMA policies and procedures for you, or you can simply purchase our world-class FISMA Compliant All-in-One Toolkit containing hundreds of pages of professionally developed materials. With FLANK, we give you choices when it comes to FISMA compliance.  Learn more about FLANK’s proven process for FISMA and NIST SP 800-171 compliance by downloading our FISMA Case Study and NIST SP 800-171 Case Study for a recent client implementation. 

Continue reading
117 Hits

FISMA Compliance & DFARS NIST 800-171 WDC, VA, MD

FISMA Compliance & DFARS NIST 800-171 Services for Washington, D.C., Virginia, Maryland Contractors

FISMA compliance, certification & accreditation services, along with DFARS NIST 800-171 compliance solutions for federal contractors in Washington, D.C. Virginia, and Maryland are available from FLANK. As one of North America’s leading providers of federal regulatory compliance services and solutions, we’re the company to turn to in the greater WDC metropolitan area for both FISMA and DFARS NIST 800-171 assistance.

The U.S. Government is FINALLY Serious about Security & Compliance

Over the last decade, the federal government has been hard at work ensuring all agencies are actually compliant with FISMA, however, the thousands of contractors providing critical services to such agencies have not been following along as required. But times have changed indeed. The Department of Health and Human Services (HHS), Department of Defense (DoD) and many other agencies have sounded the alarm to federal contractors, effectively demanding that thousands of businesses become FISMA and/or DFARS NIST 800-171 compliant. Gone are the days of weak enforcement, replaced now with an expansive set of rulings aimed at helping combat growing cybersecurity threats that are causing serious challenges for the federal government.

Are you a federal contractor in Washington, D.C. Virginia, or Maryland providing essential services to any number of governmental agencies? If so, and you’re not FISMA and/or DFARS NIST 800-171 compliant, the winds of change are blowing, so here’s what you need to know.

What you Need to Know Regarding FISMA Compliance & DFARS 800-171FISMA and DFARS NIST 800-171 are a Culture Change

Both of these mandates are extensive indeed, not some lightly regarded compliance measure where you can check the box and be done. Not at all. The growth in information security has unfortunately resulted in massive cybersecurity threats and attacks aimed at federal agencies, and the thousands of contractors used for providing support services.

Because of this, the government looked long and hard in what really makes sense for ensuring contractors and other down-stream providers have adequate InfoSec controls in place. Thus, enter FISMA (which has been in place since 2002, but now only heavily enforced), and more recently, the DFARS NIST 800-171 requirements.

Continue reading
162 Hits