What MSPs Need to Know about Compliance: Your IT Policy Checklist by Vertical

Posted April 13, 2015 by Raj Goel

The IT Support/MSP game has changed. Clients are no longer satisfied with just getting their desktops managed and servers supported.

Almost every industry has customer privacy and security compliance regulations – and clients are looking at us, their IT providers and business confidantes, to help them become and remain compliant.

So what do you need to know about compliance?

Target Your Vertical

First – determine what industry or vertical you will tackle, then dive into it.

In my experience, clients do not want a generalist firm that says "we provide HIPAA/HITECH/PCI-DSS/Sarbanes-Oxley/GLBA/SEC Cybersecurity/[insert acronym here] compliance." More and more, savvy buyers want MSPs that focus on their vertical.

Healthcare IT

If you’re tackling healthcare, you must deep-dive into:

  • FTC Health Breach
  • State Records Retention
  • SEC Cybersecurity Guidance
  • State Privacy Laws

If medium-to-large retailers ($10M-$4B) are your targets, then a thorough understanding of PCI-DSS and State Privacy Breach Laws is required.

Financial IT

If you're focusing on banking and finance, then make sure you understand compliance in:

  • GLBA
  • SOX-404
  • State Privacy Breach
  • FINRA regulations
  • FFIEC 

For All Verticals...

Underpinning all these regulations, standards and statutes are 3 simple truths:

  1. Every regulation or standard requires good, tested, verifiable backups.
  2. Use of strong passwords and tested security configurations is a must.
  3. Encrypting data in motion and data at rest is a very, very good idea.

As you start your journey towards becoming a compliance-oriented MSP, I can offer you a few resources for HIPAA/HITECH, PCI-DSS, SEC Cybersecurity and PRIVACY LAW compliance.

HIPAA/HITECH Compliance: Email me and request the

  • HIPAA Compliance Checklist
  • Articles and newsletters regarding trends in HIPAA enforcement and compliance


  • Overview of the state privacy breach laws
  • Trends in Financial Crimes
  • Lessons Learned from Superstorm Sandy

SEC Cybersecurity Compliance

  • Overview of SEC Requirements
  • Trends in Financial Crimes
  • Lessons Learned from Superstorm Sandy
  • Challenges endemic to the financial sector

As always, if you have questions regarding security, privacy or compliance, feel free to contact me at

For more of my latest articles, blog posts, presentations and webinars, check out


MSP Owner, Author, entrepreneur, IT expert and public speaker, Raj Goel is globally known as the go-to man in cybersecurity and privacy law. By day, Raj runs a successful MSP in New York City named Brainlink. Learn more at By night, he is committed to educating individuals and organizations about online safety and how to protect their most important assets – people and data. His expert advice helps individuals, companies and conglomerates navigate their way through the world’s ever-changing technology and increasingly complex IT compliance laws. He often appears in the media and at conferences world-wide to educate the public on cybersecurity and digital privacy, a subject he is passionate about. He is the creator of SOPCULTURE – a well-defined methodology and process that elevates MSPs from OK to phenomenally profitable. So, whether you’re looking for a seasoned IT veteran who’s lived in the trenches, a successful business owner on a mission to increase client happiness and profitability or a caped crusader devoted to cyber-civil rights, you’ll want to contact Raj at 917-685-7731 or And don't forget to visit to read his articles, watch previous webinars on improving your service delivery and increasing profitability by reducing client frustration.
