Drupal Compliance


HIPAA, NIST, PCI, Section 508. Having trouble making sense of all this compliance? Did you just find out your Drupal website needs to be 508 or HIPAA compliant and aren't sure where to start? Call Peerless Design. We will help you understand and comply with the standards needed to launch your project.

Section 508 Compliance

In 1998 the US Congress amended the Rehabilitation Act to require Federal agencies to make their electronic and information technology accessible to people with disabilities. Section 508 was enacted to eliminate barriers in information technology, to make available new opportunities for people with disabilities, and to encourage development of technologies that will help achieve these goals. The law applies to all Federal agencies when they develop, procure, maintain, or use electronic and information technology. Under Section 508 (29 U.S.C. § 794d), agencies must give disabled employees and members of the public access to information that is comparable to the access available to others.

Peerless Design provides Section 508 compliance audits and remediation to ensure your website meets the requirements to pass a Section 508 audit.

Peerless Design will:

  • Evaluate system for Section 508 Compliance
  • Provide a detailed report of the current status and fixes
  • Assist in making necessary changes to ensure compliance
  • Provide tools to ensure compliance
  • Complete periodic reviews to ensure future compliance

HIPAA Compliance

“Individually identifiable health information” is information, including demographic data, that relates to:

  • The individual’s past, present or future physical or mental health or condition

  • The provision of health care to the individual

  • The past, present, or future payment for the provision of health care to the individual

  • Any information that identifies the individual or for which there is a reasonable basis to believe it can be used to identify the individual.

Individually identifiable health information includes many common identifiers (e.g., name, address, birth date, Social Security Number).

A person who knowingly obtains or discloses individually identifiable health information in violation of the Privacy Rule may face a criminal penalty of up to $50,000 and up to one year of imprisonment. The criminal penalties increase to $100,000 and up to five years of imprisonment if the wrongful conduct involves false pretenses, and to $250,000 and up to 10 years of imprisonment if the wrongful conduct involves the intent to sell, transfer, or use identifiable health information for commercial advantage, personal gain or malicious harm. The Department of Justice is responsible for criminal prosecutions under the Privacy Rule.

Peerless Design provides HIPAA compliance audits and remediation to ensure your website meets the requirements to pass a HIPAA audit.

Peerless Design will:

  • Evaluate system for HIPAA Compliance
  • Provide a detailed report of the current status and fixes
  • Assist in making necessary changes to ensure compliance
  • Provide tools to ensure compliance
  • Complete periodic reviews to ensure future compliance

PCI Compliance

Version 3.0 of the PCI compliance standard has been mandatory since January 1st, 2015 and is a complete game changer for most Drupal eCommerce sites. The new version added a ‘Best Practices for Implementing PCI’ section, aiming to turn compliance into a ‘business as usual’ process. A good example of this is how it aims to make PCI DSS compliance ‘continuous’ rather than an annual validation exercise. The new version emphasizes the need to establish a culture of security through more education, to maintain and drive accountability throughout the organization. It also calls out the need for more processes to ensure that payments are secure, rather than merely ensuring that a merchant has a specific security technology in place.

Peerless Design provides PCI compliance audits and remediation to ensure your website meets the requirements to pass a PCI audit.

Peerless Design will:

  • Evaluate system for PCI Compliance
  • Provide a detailed report of the current status and fixes
  • Assist in making necessary changes to ensure compliance
  • Provide tools to ensure compliance
  • Complete periodic reviews to ensure future compliance

What our clients are saying

A great experience and a much improved website.
...dedicated, competent and driven to get the job done and done well.
...provided us with excellent, expert service in a professional and personable manner.
...continued to monitor it closely and is still always available to help me if I have any questions
...very responsive to our questions and needs
I had a very tight deadline and budget, and they met it, seemingly with ease.
...we just want you to know that we are appreciative!
...I have no doubt we will have the best site in the 2010 election of any PA candidate
...took my less than mediocre site and completely revamped it into a beautiful, professional, and easy-to-navigate site
...can do anything any other designer can do and generally quicker, cheaper and better.
I realized that I had picked the right company to work with soon after beginning a project with Peerless Design, Inc.
...able to translate technical information in an accessible way...
I love directing our customers to our new site knowing that they are going to be able to find exactly what they are looking for...
I would highly recommend her for any position requiring IT design and development
... incredibly impressed with what you brought to the table
I'm so happy we chose to work with PEERLESS Design.
...your punctuality, your casual and open personalities, and both your hard copy and online portfolios speak very highly of you and your business as well
...creative, independent, responsive...
Thanks so much for everything!
I have seen the first layouts and they are awesome...
"PDI provides us prompt, effective and efficient service in maintaining our Drupal based website."
...a pleasure to work with, combining patience (for my busy schedule and at times overwhelmed brain) with her strong motivation and energy to keep me going
... they also made suggestions which showed me that they fully understood what I wanted to accomplish.
...able to take my abstract ideas and add their expertise to bring them to life in a way that was better than I could have imagined!