Company

About Us

Learn how Jurcom empowers organizations worldwide to stay strong in complex regulatory landscapes with confidence and achieve sustainable success.

Careers

Explore the opportunities to join a global brand with a nurturing and collaborative working culture. Take your seat in the forefront of the GRC landscape.

Partnership

Join our partner network and open doors to strategic collaborations that drive mutual growth and innovation. Be a part of dynamic and impactful business alliances.

Investor Relations

We are the architects of your privacy to ensure governance, risk, and compliance superiority. Meet our extensive services and solutions portfolio to help you shape a resilient and sustainable future. Build trust and gain a competitive advantage with data protection excellence.

Management Team

Meet our management team that leads our way with their visionary leadership, deep industry knowledge, and relentless commitment to excellence.
GRC Space
Data Protection
EU GDPR

China PIPL

Brasil LGPD

Turkey TDPA (KVKK)

California CCPA

Canada PIPEDA

Saudi Arabia PDPL

Swiss FADP

UAE PDPL

UK GDPR

EU E-Privacy Directive
Climate
CORSIA

COP Meetings

CSRD

Climate Change ECB

UNFCCC - REDD+

EU CBAM

ESG

TCFD - SASB - CDSB Compliance

Sulphur 2020

EU Corporate Sustainability

Due Diligence Directive (CSDD)

Paris Agreement
EU Digital World
The NIS 2 Directive

The Critical Entities Resilience Directive (CER)

EU Digital Operational Resilience ACT (DORA)

The European Cyber Resilience ACT

The Digital Markets ACT (DMA)

The European Health Data Space (EHDS)

The European Chips ACT

The European Data ACT

European Data Governance ACT (DGA)

The Artificial Intelligence ACT

The European Cyber Defence Policy

The Strategic Compass of the European Union

The EU Cyber Diplomacy Toolbox GDPR
Finance
eIDAS Regulation

KYC/AML/UBO

PFMI

MIFID, MIFID II, MIFIR, PSD2

Climate Change Finance

OECD CBCR

DORA
EUDAMED
US Export Control Regime
EAR Reporting

BIS

EA/OTE
Ethics
EU Whistleblower Directive

Code of Conduct Practices
Services
Compliance Projects

Jurcom’s compliance service is exemplary, providing meticulous attention to detail, expert guidance, and innovative solutions that ensure our organization not only meets but exceeds regulatory standards, fostering a culture of trust and integrity.

Click specific areas below for details:
GDPR

DPO/DPR

Turkish DPL – KVKK Consultancy Services
Regulatory Audit

The regulatory audit service offered by Jurcom involves a comprehensive examination and assessment of an organization’s adherence to industry regulations, ensuring that all policies and procedures are in compliance with legal requirements.

Click here for details

Risk Assessment

The extensive risk assessment service provided by Jurcom involves a systematic evaluation of an organization’s potential vulnerabilities and threats, aiming to identify, analyze, and prioritize risks. We are here to help you implement effective risk mitigation strategies, and safeguard your assets, reputation, and overall business objectives.

Click here for details

Training Services

We are happy to offer you exceptional training programs, providing your team with insightful, tailored, and engaging learning experiences. We empower your staff with the skills and confidence needed to navigate complex regulatory landscapes successfully.

Click here for details

Ongoing Consultancy

Cultivate success with our ongoing consultancy services tailored for your Governance, Risk, and Compliance needs. Elevate your business with expert guidance, proactive risk management, and strategic compliance solutions.

Click here for details
Solutions

Effective Ransomware Prevention

Increase Your Security via Threatlocker

Elevate Data Masking

Jurcom partners with Infognito

Digital Identity and E-signature Brilliance

Learn how Namirial will help you

Prosper in Information Management

OpenText’s Services Handled to you by Jurcom

The EU Whistleblowing Direcitve Compliant Whistleblowing Platform

Get the distinguished service of Whistlelink via Jurcom

Comprehensive Recycling and Waste Management

Solving the Waste Crisis End-to-end via Evreka

Get Better Cybersecurity

Jurcom joins forces with UITSEC

Prime Certification Services

Be Informed on Distinguished Services of Proks

Flawless Open Banking API Management

Payment Components’ High-Performing Solution

Compliant Cookie Management

Mobildev’s Tools Will End Your Worries

Carbon Footprint Calculation & Reporting Excellence

Track your company’s carbon footprint performance via 3pmetrics

Premium Environmental Solutions

Cherish reliable research and consultancy via io Environmental Solutions

Efficient Data Privacy Management Platform

Privacore Makes It Easy for You

Comprehensive Learning Management System

Enjoy New-Gen Training with Jurcom Academy

Specific Personal Data Management Platform

Stay Compliant with the Turkish Personal Data Protection Law

Easily Check the Compliance Rate of Your Web Site

Jurdex will Help You in Staying Compliant with Privacy Regulations

Easy Carbon Emission Management and Reporting

Take Control of Your Corporate Carbon Footprint via QuickCarbon
Resources

Blog

Get expert tips and tricks on  GRC subjects.

Videos

Watch our insightful videos to get  fresh information on GRC topics.

Podcasts

Listen to valuable GRC content  from our professional team.

News

Stay updated on the latest advancements regarding the industry and Jurcom.

Case Studies & Informative Content

Reach comprehensive content and get quotes from our clients.
Contact Us

Enhanced Cybersecurity Measures Proposed Under New HIPAA Security Rule

The U.S. Department of Health and Human Services (HHS) has introduced a Notice of Proposed Rulemaking (NPRM) to bolster cybersecurity protections for electronic protected health information (ePHI) under the Health Insurance Portability and Accountability Act (HIPAA). This marks the first

JURCOM GRC

18/03/2025
3:34 pm
Latest Development

The U.S. Department of Health and Human Services (HHS) has introduced a Notice of Proposed Rulemaking (NPRM) to bolster cybersecurity protections for electronic protected health information (ePHI) under the Health Insurance Portability and Accountability Act (HIPAA). This marks the first significant update since 2013, aiming to address the evolving landscape of cyber threats targeting healthcare data.

Key proposed changes include:

Mandatory Annual Technical Inventories: Organizations must maintain up-to-date inventories of all systems handling ePHI to ensure comprehensive oversight and security management.
Rigorous Security Risk Assessments: Enhanced assessments are required to identify and mitigate potential vulnerabilities within healthcare information systems.
Enhanced Vendor Oversight: Business associates must notify covered entities within 24 hours upon activating a contingency plan, ensuring timely responses to security incidents.
Mandatory Multi-Factor Authentication (MFA): Implementation of MFA is required to strengthen access controls to systems containing ePHI.
Encryption Standards: Organizations must adopt robust encryption protocols to protect ePHI during storage and transmission.
Formalized Incident Response Planning: Entities are required to develop and regularly update incident response plans to effectively address security breaches.
Disaster Recovery and Backup Requirements: Establishing comprehensive disaster recovery and data backup strategies is mandated to ensure data integrity and availability.
Annual Compliance Audits: Regular audits are to be conducted to verify adherence to HIPAA security standards.
Updated Workforce Security Access Management: Policies must be revised to ensure appropriate access controls based on workforce roles and responsibilities.
Regular Network Testing and Segmentation: Continuous testing and segmentation of networks are required to prevent unauthorized access and contain potential breaches.

The public comment period for the NPRM concluded on March 7, 2025, with over 4,000 submissions under review. These proposed measures underscore the critical need for healthcare organizations to enhance their cybersecurity posture in safeguarding sensitive health information.

Source: Reuters

Investor Relations

Enhanced Cybersecurity Measures Proposed Under New HIPAA Security Rule

JURCOM GRC

JURCOM GRC

Suggestions

U.S. States Grapple with Divergent Consent Standards in Data Privacy Laws

Meta to Utilize Public Posts and AI Interactions for Model Training in the EU

Legal Challenges to Federal Agency Authority Impact Healthcare Regulations

Company

GRC Space

Services

Resources

© 2025 Jurcom.nl All rights reserved.