What Is The Dash Compliance Score?
The Dash Compliance Score is a score from 0 to 100 that offers healthcare organizations a quick view into the state of compliance. Due to the changing in cloud infrastructure and the ongoing nature of HIPAA compliance, it is important that organizations evaluate compliance over time and maintain a well rounded security profile. This score is one metric organizations can use to measure their cloud compliance efforts.
Built into Dash ComplyOps, the Dash Compliance Score tracks how organization’s manage and maintain compliance in their cloud environment. When first implementing the Dash Platform and initial Security Plans organizations may find that they have a lower overall score. As organizations work to resolve compliance issues and become more proficient in managing cloud compliance concerns, this score should rise. Users can login to the application and find their Dash Compliance score on the main dashboard of the application. This score is updated on a weekly basis and reflects changes that are made inside of Dash and the Compliance Center.
The Dash Compliance Score is created based on four major principles found below:
One component of the Dash Compliance Score is Responsiveness. This is the amount of time it tasks an organization staff to solve compliance issues. Security risks are a threat to organizations when they go unresolved. The Dash Compliance Score factors in the amount of time it takes your organization to resolve issues as one factor for overall scoring.
To improve Compliance Responsiveness and your overall score, organizations should resolve Compliance Center issues in Dash as quickly as possible.
Another component of the Dash Compliance Score is Safety. Compliance issues range in priority from low to high. It is possible for one compliance issue to jeopardize an entire teams security and compliance efforts. For example, opening all ports to the public creates a lot more risk than internal port issues. Therefore, it is crucial that teams address “High” priority issues as soon as soon as possible. The Safety score is a measure of how many higher risk compliance issues are unresolved.
To improve your Compliance Safety and your overall score, organizations should focus efforts on resolving “High” priority issues.
The third component of the Dash Compliance Score is Maintainability. If an organization is compliant for a single risk assessment or a single day but does not follow their security plan for the rest of the year, they are at a much higher risk of having a security breach or HIPAA violation. The Maintainability score measures how often resolved issues in Dash are reopened or reoccur.
To improve your Compliance Maintainability, organizations should make sure that Dash compliance issues stay resolved through proper resolution.
The last component of the Dash Compliance Score is Prevalence. Organizations with 100 compliance issues have a lot more security risk than organizations with 1 issue. The Prevalence score measures how many times an compliance issue occurs across the cloud environment. As organizations resolve issues and continue to use best security practices, the prevalence of compliance issues should go down.
To improve your Compliance Prevalence Score, organizations should reduce the number of times issues occur across their environments.
Dash Compliance Scoring and Reports
Dash provides organizations with the ability to see Compliance Scores over time and includes a report with greater insight on compliance concerns. Organizations should consider using this report as one way to measure their security efforts and overall improvement.
Organizations can see a breakdown of their Dash Compliance Score week by week. To view your score history and see all related information:
- Login to the Dash ComplyOps Platform
- Go to the “Report Center” on the Left Sidebar
- Under Dash Compliance Score History click “View Report”