Compliance Consulting

Complete Compliance Process Automation platform. Our solution combines compliance-driven workflow engines, managed network and computer data discovery, a web-based management portal, and built-in compliance document generation and archiving.


DFARS/NIST 800-171 Compliance

The Defense Federal Acquisition Regulation Supplement (DFARS) to the Federal Acquisition Regulation (FAR) is administered by the Department of Defense (DoD). The DFARS implements and supplements the FAR. The DFARS contains requirements of law, DoD-wide policies, delegations of FAR authorities, deviations from FAR requirements, and policies/procedures that have a SIGNIFICANT effect on the public. The DFARS should be read in conjunction with the primary set of rules in the FAR. See also the suggested search for “Government Contracts.”

To satisfy the DFARS mandate, organizations need to comply with the NIST SP 800-171 Rev. 1 which include 110 security controls across both internal process and IT infrastructure.

Organizations who fail to provide compliance will face fines and/or loss of contracts.


CMMC Compliance

The Cybersecurity Maturity Model Certification (CMMC) was released on January 31, 2020 in order to access and enhance the cybersecurity posture of the Defense Industrial Base (DIB) the CMMC is intended to serve as a verification mechanism to ensure appropriate levels of cybersecurity controls and processes are adequate and in-place to protect controlled unclassified information (CUI) that resides on the Department’s industry partner’s networks.

Contractors who are able to prove their implementation plan has reached adequate security, now have a competitive advantage over other contractors.


HIPAA Compliance

The major goal of the HIPAA security rule is to protect the privacy of individuals’ health information while allowing covered entities to adopt new technologies to improve the quality and efficiency of patient care. Given that the health care marketplace is diverse, the Security Rule is designed to be flexible and scalable so a covered entity can implement policies, procedures, and technologies that are appropriate for the entity’s particular size, organizational structure, and risks to consumers’ e-PHI.

An organization requiring HIPAA Compliance should adhere to Administrative safeguards, Physical safeguards, and Technical safeguards in order to meet HIPAA compliance.

The collaborative team at Point North Networks can help an organization meet these requirements by providing expertise, technology, and process functionality to the organization requiring compliance.


PCI-DSS Compliance

Payment Card Industry Data Security Standards or PCI-DSS sets the worldwide information security standards for credit card transactions to help control and minimize points of risk to fraud or compromise of sensitive information. PCI Compliance is an adherence to these rigorous standards in the way your business conducts and handles the information. If you choose to host your data in the Point North Networks, Inc. secure data center in Minneapolis, our hosting services provides compliance that meet or exceed all of the audit controls. For this reason, many companies use our secure data center facility to conduct their credit card business. In addition, Point North Networks can extend our knowledge of PCI-DSS Compliance to those organizations processing card transactions on-site or within their own network infrastructure.


Contact Us Today