Bernard Gallagher

Bernard Gallagher is the Senior Vice President at Compass Assurance Team, with over 30 years of expertise in IT security, compliance, and auditing. He has guided organizations across industries such as financial services, healthcare, and technology, helping them meet SOC 1, SOC 2, HIPAA, and HITRUST compliance standards while strengthening their security postures. As a compliance leader, Bernard has extensive experience with SOC 1, SOC 2, HIPAA, HITRUST, and Sarbanes-Oxley requirements, as well as IT security assessments, privacy audits, and enterprise risk management. He has also served as a Virtual Compliance Officer (VCO), helping organizations enhance their security posture and achieve regulatory compliance efficiently. His technical expertise spans network and application security, data encryption, disaster recovery, business continuity, and forensic analysis. With a Bachelor of Science from Drexel University, an MBA in IT Management, and certifications like CISSP and PMP, Bernard combines leadership and expertise to help clients achieve compliance and long-term success.

Posts by Bernard Gallagher

SOC 2 & Managed Security Services: A Perfect Partnership for SMBs

For small and medium-sized businesses (SMBs), navigating the complexities of cybersecurity and compliance can feel overwhelming. Limited resources, time constraints, and the ever-present threat of cyberattacks make it challenging to establish robust security measures while meeting ind …

Selecting Your SOC 2 Type 2 Observation Period

Preparing for your first SOC 2 Type 2 audit—or planning your next—requires careful selection of a critical component: the observation period. This timeframe, also known as the monitoring period, audit period, or review window, defines when your organization's controls will be evaluate …

How Long Does a SOC 2 Audit Take to Complete?

At Compass, we frequently get asked, “How long does a SOC 2 audit take?” The answer depends on several factors—but having a clear understanding of the typical phases, timelines, and what influences the duration can help your organization prepare and plan accordingly.

Top Security Tools to Simplify Your SOC 2 Compliance Journey

Navigating the complexities of SOC 2 compliance can be a daunting task for businesses, especially when they need to establish secure, reliable, and repeatable processes. A comprehensive SOC 2 audit focuses on five key Trust Service Criteria: security, availability, processing integrit …

SOC 2 for Healthcare: A Complement to HIPAA Compliance

In today’s digital healthcare landscape, protecting sensitive patient data is a top priority. Healthcare providers are tasked with safeguarding information in compliance with rigorous regulations such as the Health Insurance Portability and Accountability Act (HIPAA). However, achievi …

FinTech Security: How SOC 2 Drives Investor & Client Trust

In the world of financial technology (FinTech), trust is a currency as valuable as money. As startups and established firms alike strive to innovate, they must also prioritize protecting sensitive financial data. For FinTech companies, achieving SOC 2 attestation is more than a compli …
