Derek Boczenowski

Derek Boczenowski

Derek Boczenowski is Chief Architect with Compass IT Compliance. Derek has over 20 years of IT experience in a variety of vertical markets, including financial services, higher education, and state/local government. Prior to joining Compass IT Compliance, Derek was the VP of Technology for a credit union in Massachusetts with approximately $700M in assets under management. With an MBA in Technology Management as well as industry leading certifications, such as being a Certified Information Systems Auditor (CISA), Qualified Security Assessor (QSA), Certified Information Security Manager (CISM), and Certified Data Privacy Solutions Engineer (CDPSE), Derek works with clients of all sizes and in all vertical markets to help them identify gaps in their IT security strategies and provide relevant, attainable solutions to ultimately mitigate their overall risk. Derek has spoken at numerous conferences throughout his career, including the Fiserv national conference and New York Banker’s Association Annual Meeting, and is recognized as a thought leader in the field of information technology and information security.

Posts by Derek Boczenowski

Ransomware Alert: New Strain in the Wild

by Derek Boczenowski on May 12, 2017 at 4:23 PM

Ransomware Screenshot.jpg

Friends of Compass, There is a rash of ransomware attacks being reported that has affected as many as 74 countries. One of the largest reported sectors is hospitals within the United Kingdom, with at least 16 hospitals affected. Many hospitals report being disabled and unable to perfo …

Read Story

Topics: Ransomware

HIPAA Compliance: 5 HIPAA Mistakes to Avoid!

by Derek Boczenowski on March 28, 2017 at 9:30 AM

5 HIPAA Mistakes to Avoid Blog Graphic.png

Here at Compass, we have seen a huge upswing in the number of HIPAA / HITECH risk assessments we have been conducting over the last year. Covered entities (Doctors, Hospitals, Pharmacies) and health plans are obviously storing PHI (protected health information) and ePHI (electronic pr …

Read Story

Topics: Healthcare Security HIPAA

Security Awareness Training is No Joke!

by Derek Boczenowski on June 23, 2015 at 9:51 AM

Without a doubt, almost every type of IT audit contains a section on security awareness training. And in many companies, it is a weakness that can be exploited easier than trying to hack a firewall or compromise a server. In many cases, it can be as easy as sending an email or making …

Read Story

Topics: Security Information Security Security Awareness Training
1 2 3 4 5

See all

See all

Subscribe by email