Please enable JS

  • slidebg2
    security & compliance



security

shayre, as developer and supporter of the “shayre” file synchronization software application, continues to undergo internal and external Security and Risk Assessments, leading to GAP Assessment and Remediation Planning, as well as Policy and Procedure creation and updates. These assessments pertain to procedures and practices related to software development, technology environment and management, and personnel. They are instrumental in the process of a) avoiding and mitigating security risk, b) managing IT policies and procedures going forward, and c) seeking industry certifications, and ensuring that shayre follows best practices required by such certifications that are maintained by prospective and existing clients.

The most recent exercises included both Internal and External Assessments carried out in conjunction with TipLynx and Compliancy Group, resulting in verification of various policies and procedures in place, and certification as HIPAA security compliant.

In addition to the Internal and External Security & Risk Assessments already completed, shayre is currently undergoing further Assessments with regard to HITRUST certification and the MPAA Content Security Best Practices Program and certification. A synopsis of the Security Assessments recently concluded is outlined below.

TipLynx assisted shayre in performing an internal assessment covering the following areas, and found that they are all being addressed satisfactorily and actions are planned or underway to further decrease any GAPS in policies or procedures.

  • Software Development Life Cycle (SDLC)
  • Change Control
  • Testing and QA
  • Data security and backup
  • Application and user documentation
  • Server and workstation management
  • User account management
  • Personnel application and security training
  • Router, Switch, Firewall management
  • 3rd Party Developer management
  • 3rd Party BA management

In addition, an External Assessment was conducted by Compliancy Group to determine the state of security at shayre and our shayre file sharing application, related to current HIPAA Compliance standards. shayre was found by Compliancy Group to be “HIPAA Compliant”, achieving their highest rating and “HIPAA Seal of Compliance”. A link to the Compliancy Group’s company verification process, and a copy of their seal of approval that is associated with shayre are below.

HIPAA Seal

As part of the Compliancy Group’s Assessment process, the following areas were addressed in a training program for all principals and employees of shayre. Each participant was required to pass tests and attest to completion and understanding of all training areas, policies, and procedures.

  • HIPAA Training 101
  • Cybersecurity
  • Incident Management

In addition, several risk audits were done, generating Policy and Procedure documents and manuals which were uploaded to an active web portal developed for storage and maintenance of all shayre security policies and procedures.

HIPAA Related Documents and Manuals

  • BA HIPAA shayre Policy Manual
  • HIPAA shayre IT Risk Analysis Audit
  • HIPAA shayre IT Risk Analysis Device Audit
  • HIPAA shayre Physical Site Audit

General IT Security Documents and Manuals

  • shayre Internal shayre Dev & Support GAP Assessment
  • shayre Software Development Life Cycle
  • shayre CASE Description
  • shayre Server List
  • shayre Workstation List