Would like to see you discuss what regulatory compliance (Medical aka HIPAA and Financial Services aka Sarbanes-Oxley) is all about:
- Signed BAA (Business Associate Agreements)
- What is PII
- Updates and Maintenance
- Local and Online Backups (and how encryption, at rest and in transit, comes into play)
- Remote Access Requirements and Compliance
- Password policies and screensaver requirements
- Sending Medical Information from Providers to Patients and requirements
- Audit Log requirements and processing/reviewing (would like to get better ways to do this)
- User Training
- Compromise Disclosure Requirements
etc.
…and while you’re at it, bring some attention to ConnectWise Control (ScreenConnect), because it lacks a user login audit log… technically it’s illegal to install or use in any business that is HIPAA and/or Sarbanes-Oxley regulated:
https://control.product.connectwise.com/communities/1/topics/65-add-the-ability-to-audit-login-failuressuccesses-for-logging-in-to-the-web-interface#