Towerwall offers best-in-class cannabis compliance, data privacy and information security services for cannabis businesses striving to succeed in one of the most highly regulated industries in the country. These offerings enable cannabis dispensaries and medical businesses to maintain continuous compliance with federal, state, and credit card data privacy mandates. In conjunction with cannabis regulatory compliance, Towerwall specializes in providing deep risk management, risk prevention and risk remediation for cannabis organizations and for the ancillary businesses servicing them.
Enables cannabis dispensaries, cultivation centers, and processors and the ancillary businesses* that service them, to demonstrate a history of compliance with federal, state, and local regulations and requirements. Including:
*Ancillary businesses include but are not limited to cannabis medical doctors, lab testers, banks, credit unions, etc.
Standard Operating Procedures – rules and procedures for dispensaries, cultivation sites, and processing and testing facilities that bring all aspects of the business operation into line with current regulations.
Written Information Security Plan (WISP) – regulatory required document for all businesses who have custody of or accesses to personal information about a Massachusetts resident.
Incident Response Plans – documented steps for quick response and recovery from security related incidents and unplanned business disruptions.
Security and Data Privacy Policies – written policies that outline best practices and promote data security and privacy standards for your business and employees.
Data Privacy and Security Awareness – provides awareness initiatives that can be adopted by employees and build a culture of data privacy and information security in cannabis businesses.
Compliance Thought Leadership – Towerwall’s foremost authorities inform and educate attendees on the value of compliance in the cannabis industry and how it can be leveraged by state agencies, local municipalities, banks, and credit unions.
Ensures cannabis businesses who access, store, or transfer private health information or personal identifiable information are compliant with federal, state, and credit card data privacy mandates. Including:
HIPAA Compliance Assessments – Health Insurance Portability and Accountability Act – requires businesses to protect the privacy and security of private health information that is accessed, stored, or transmitted.
State Data Privacy Compliance Assessments – Such as Massachusetts 201 CMR 17.00 – requires businesses to develop a written, regularly audited plan to protect a Massachusetts resident’s personal information that is accessed or stored.
PCI Compliance Assessments – Payment Card Industry Data Security Standard (PCI DSS) – requires all businesses that accept, process, store, or transmit credit card information to maintain a secure environment.
Prospect Compliance Scores – banks and credit unions, commission Towerwall to conduct cannabis-specific business assessments and due diligence on prospective cannabis banking customers and leverage compliance risk scores as a decision making factor.
Ongoing Compliance Assessments – provides ongoing “know your customer” compliance due diligence to ensure cannabis customer maintain a history of continuous compliance with state and local regulations and banking requirements.
Ensures the people, process, and technology practices used in cannabis businesses protect the confidentiality, integrity, and availability of their computer systems and the information they contain. Including: