Ostendio Expands MyVCM Auditor Connect with Drummond Partnership


Drummond security and privacy certifications can now leverage Ostendio MyVCM

Ostendio Inc., a leading provider of integrated risk management software, and Drummond Group LLC, a trusted industry leader in comprehensive compliance and cybersecurity risk assessments, announced today that Drummond joined MyVCM Auditor Connect™ partner program.  Drummond clients will have the option to use Ostendio MyVCM for security and compliance certifications such as SOC2, PCI DSS, and HIPAA, and to prepare for the popular HITRUST CSF™.

MyVCM Auditor Connect reinvents the audit process, rendering spreadsheets, third party file shares and storage devices effectively obsolete.  MyVCM Auditor Connect brings the auditor and customer together on one platform where they can share real-time evidence in a secure location. Unlike previous methods of conducting audits, Ostendio MyVCM provides access to evidence and documents that are always available, easy to update and optimized for collaboration. By using Ostendio MyVCM, customers can track progress in real time during an audit. The increased collaboration and efficiency can save auditors and customers time and money.

Read More: IoT Risk Management – Organizations Need to Enhance their Safety Policy

“MyVCM Auditor Connect is a significant step forward in modernizing an outdated process making security audits a more cost-effective process,” said Grant Elliott, CEO and chairman of Ostendio. “We will work with Drummond so they can connect with customers who are looking for forward-thinking, professional security audit firms to handle their audit process.”

Throughout the entire audit process, Ostendio MyVCM will manage relevant documents and simplify future audits by maintaining relevant company information securely.

“Joining the MyVCM Auditor Connect partner program is another way Drummond is assisting our customers to meet compliance,” said Gila Pyke, HITRUST Pre-Assessment Practice Lead, Drummond. “This partnership, paralleled with our comprehensive, end to end consultative approach, enhances our capabilities to assist our clients in building an exceptional security program. It will help our clients meet and combine multiple regulatory compliance standards, such as HITRUST and SOC2, making them easier to manage on an ongoing basis.”

Read More: The Evolving Cyber Risks and Vulnerabilities in the Healthcare Industry

In the healthcare sector, organizations including Anthem, Health Care Services Corp., Highmark, Blue Cross Blue Shield, Humana, and UnitedHealth Group require their business associates to obtain HITRUST CSF Certification because of their security and privacy framework for protecting patient health information. With data breaches being the highest in the healthcare industry due to the theft of patient information, it’s increasingly important to protect patient safety and privacy.

The number of data breaches and the theft of personal information continues to increase and companies are realizing that securing data and being able to demonstrate that compliance to international standards is a business imperative.  Certifications such as SOC 2, HITRUST and FedRAMP are gaining in popularity as they set standards for compliance. Government regulations such as GDPR in Europe and CCPA in California have also increased the awareness of the need for data privacy