Contact Us

Services

Suite of Services

Schellman began as a SOC audit firm 20+ years ago. While we still issue more than 2,000 SOC reports each year, our clients’ trust has propelled our expansion. Today, we offer nearly 60 types of audits and assessments delivered by full-time employees. No outsourcing. No compromises.

Download a PDF of All Services

Learning Center

Our Technology

About Us

About Us

Schellman is the only Top 50 CPA firm focused exclusively on IT Compliance and Cybersecurity, and we’re the #1 service provider for FedRAMP Assessments.Our industry-leading NPS scores, client retention, and employee retention (low-to-no team churn = less audit fatigue) mean our clients experience greater continuity and quality.We also understand how distracting unplanned work can be, so we focus on client-centric KPIs to help keep your business moving uninterrupted.

ISO Certificate Directory

Services

Services

View All Services

SOC & Attestations

SOC & Attestations

SOC 1 / SSAE 18 Examination

SOC 2 Examination

SOC 3 Examination

SOC for Supply Chain

SOC for Cybersecurity

C5 Attestation

CSA STAR Programs

Payment Card Assessments

Payment Card Assessments

PCI DSS Validation

PCI SSF

PCI P2PE Validation

PCI PIN Assessments

PCI 3DS Compliance

ISO Certifications

ISO Certifications

ISO 27001

ISO 42001

ISO 27701

ISO 9001

ISO 22301

ISO-20000-1

Privacy Assessments

Privacy Assessments

APEC Certification

GDPR Assessment

International Privacy Assessments

US State Privacy Assessments

Microsoft SSPA/DPR Assessment

Privacy Program Assessment

FERPA Assessment

EU Cloud Code of Conduct

Federal Assessments

Federal Assessments

FedRAMP®

CMMC / NIST SP 800-171

FISMA/NIST

ITAR

CJIS

IRAP

FTC Consent Decrees

Healthcare Assessments

Healthcare Assessments

HITRUST CSF Certification

HIPAA Compliance

HIPAA Express

EPCS-DEA Audits

Health Data Host (HDS) Certification

Penetration Testing

Penetration Testing

Application

Network

Mobile

Social Engineering

Cloud

Physical

Hardware and IoT

Advanced Series

Cybersecurity Assessments

Cybersecurity Assessments

Cloud Configuration Assessments

Ransomware Assessments

NIST Cybersecurity Framework Assessments

Schellman Software Security Assessment (S³A)

TISAX®

SWIFT Customer Security Programme

Internal Audit Co-Sourcing

Crypto and Digital Trust

Crypto and Digital Trust

Schellman Training

Schellman Training

Sustainability Services

Sustainability Services

AI Services

Learning Center

Our Technology

About Us

About Us

Leadership Team

Leadership Team

Corporate Social Responsibility

Corporate Social Responsibility

Careers

Strategic Partnerships

Strategic Partnerships

ISO Certificate Directory

Healthcare Compliance Assessments

Health Data Host (HDS) Certification

Particularly for those in the healthcare industry doing business with French customers, the HDS framework and related certification can help you implement robust security controls to protect personal health data and comply with relevant legal requirements.

Contact a Specialist

Achieve More Consistent, Reliable, and Trustworthy Health Data Hosting Services

Like HIPAA in the United States, France’s HDS regulations and the related certification serve to verify an organization's compliance with a baseline set of requirements regarding all personal health data hosting. As mandated by the French Public Health Code (Article L.1111-8), all organizations hosting personal health data collected during healthcare activities in France must achieve HDS certification by undergoing an assessment by an accredited auditing organization that will evaluate your adherence to the stipulated rigorous control framework.

HDS Certification Could Help You…

https://www.schellman.com/hubfs/meet-compliance-requirements.png

Comply with Legal Requirements

https://www.schellman.com/hubfs/improve-security.png

Ensure the Security of Your Sensitive Health Data

https://www.schellman.com/hubfs/Untitled-1-1.png

Enhance Your Credibility

https://www.schellman.com/hubfs/competitive.png

Obtain a Competitive Edge in the Market

Why Schellman for Your HDS Certification?

We’re an Industry Leader: Schellman is one of only nine organizations currently authorized to provide HDS certification, having gone through the process after listening to our clients’ needs.
We Offer End-to-End Support: When you work with us, our team of experts won’t just guide you through the entire certification process—we’ll deliver ongoing guidance tailored to your specific needs.
We Provide a Customized and Consolidated Approach: We also offer ISO 27001 certification services, and that framework can also play a role in the security of health data—if you’re interested in that as well, we will not only tailor our approach to your unique needs and priorities, but we’ll use our proven approach to conducting multiple assessments across different compliance domains that will help to reduce your audit fatigue and limit costs.

With Schellman as your trusted partner, you can focus on providing the best possible care to your patients and be confident in the knowledge that their sensitive health information is secure.

Contact a Specialist

Robert Tylka

Robert Tylka is a Principal at Schellman. With over 16 years of experience in providing IT attestation and compliance services, Robert currently leads the Midwest practice at Schellman where he specializes in SOC 1, SOC 2, ISO 27001, and HIPAA reporting. In his portfolio, he also oversees engagements that include FedRAMP, HITRUST, PCI, and various Privacy reviews.

Meet Robert Contact Us

tylka-450

Schellman’s HDS Certification Methodology

1. Pre-Engagement

Together, we’ll conduct a web-based scoping exercise and our team will work with you to understand your unique needs before determining the resources necessary to complete the assessment.

2. Readiness Assessment (optional)

Schellman recommends a readiness assessment be performed to streamline the fieldwork process and ensure that you are adequately prepared for the full assessment. Should you opt to do so:

Together with you, we will hold an HDS Readiness Assessment Kick-Off meeting.

We will then perform the Readiness Assessment and provide you with the resulting gap report.

3. Assessment Fieldwork

After we provide you with our Auditor Plan and Information Request List, you’ll then electronically submit the requested documentation to us, which we will review while also conducting interviews to assess conformity.
(NOTE: An on-site assessment is mandatory but multi-site can be sampled.)

4. Final Reporting

After a few weeks post-fieldwork, we will provide you with your detailed HDS Report that includes our findings—including identified nonconformities and opportunities for improvement—as well as a roadmap for ongoing compliance with HDS. We will issue the corresponding certificate to you one week after the HDS Report is provided and report your certification results to ANS.