Updates, changes and improvements made to Papaya.
Left Sidebar Design : We have completely revamped the left sidebar menu to provide you a more straightforward approach to navigating throughout the application.
Left Sidebar Collapsable toggle: Ability to collapse the sidebar through a toggle.
Scorecards Organization: Reorganized and numbered scorecards in the reports and throughout the application.
Referral Code Tracking: You now have the ability to easily track your active referral subscriptions.
Duplicate Referral Code: Resolved issues related to duplicate referral code generation.
Microsoft Login Issue: Addressed a login issue related to Microsoft login.
Referral Program UI Enhancements: We have further improved functionality and ease-of-use for the referral program
PDF Sequence Number: Fixed sequence numbers in PDFs to be more accurate.
Notification Unread Count: Fixed unread notification count issue.
Referral System Enhancements: Improved the functionality of the referral program.
Vendor Messages: Added the ability to see exactly which vendor the message came from, and added visibility of messages in the notification center.
🚀 New
Referral Program: The Papaya referral program is now live for users.
SOC2 Title: Fixed the title for SOC2 compliance scorecard.
Policy Editing Interface: Replaced the modal popup with an editor on policy edit for a better user experience.
PDF generation error addressed. The issue that prevented PDF generation has been resolved.
SOC 2 is available in scoping factors. This will provide better oversight for the SOC 2 process.
HIPAA Compliance Scorecard and NIST scorecard functionality added. We improved the accuracy of the scorecards.
Added a loading icon display. This will provide better user feedback during operations that require loading times.
Unread notification count now reflects the new implementation of notifications. This improvement should provide a more accurate unread count.
Complete Notification system overhaul. This will provide a better user experience with a more streamlined notification process.
Assessment-Type Enhancements: We have introduced functionality to allow you to select your assessment-type, allowing even more customization for assessments
SOC 2 Scorecard Integration: We have added a SOC 2 Scorecard in Compliance Reporting Section to see where your organization stacks against the Trust Services Criteria
Corrective Action Plan (CAP) Management for Vendors: You can now assign CAPs to vendors for tracking and completion
Collapsing of Controls: The issue with unintended collapsing of controls during the assessment has been fixed
Training Assignment Display: We have made it even more clear when assigning training to users, such as including a Last Completed Date
Scorecard Upgrades: We have updated the look and feel of the NIST CSF and HIPAA scorecards
Scope Summary Page Update: The design of the scope summary page has been updated for better user experience.
2023.1.6.2
Video Control Fix: We've resolved an issue with the video controls for the Scope Summary Guidance Video and the video controls on Assessment Home and Assessment response page
PDF Export: We have resolved the issue that was causing errors in PDF exports
Training Assignment Details: When removing a training assignment, a confirmation popup with detailed information is now shown to prevent unwanted changes
Subscription Upgrade Page Display: We've updated the display on the subscription upgrade page to only show the active price for a clearer and more efficient user experience
Guidance Slideout Update: The Guidance Slideout now has a consistent format and comprehensive content, providing a better user experience.
Tooltip on Buttons: We've added tooltips on buttons for more explicit button functions
Improvements
Enhance Tooltip Sidebar: Improved tooltip sidebar navigation with the clicked word displayed as a header
Empty Business Details on Scope Summary: Business details are now correctly appearing on the scope summary
🚀 New
Introducing the Papaya Annual HIPAA Risk Assessment
In an era where the protection of health information is not just an ethical obligation but a legal one, our commitment to providing you with cutting-edge solutions remains unflinching. We are absolutely thrilled to introduce a groundbreaking feature - the Annual HIPAA Risk Assessment. This is not just a feature; it's an ally, an efficient companion in your compliance journey that understands the intricacies of HIPAA and Promoting Interoperability (PI) regulations. It's designed to equip your organization with the tools and insights necessary to safeguard Protected Health Information (PHI) while effortlessly adhering to compliance standards.
The Annual HIPAA Risk Assessment is a harmonious blend of innovation and simplicity. It's like having a compliance expert by your side, guiding you through the complexities, ensuring that every step is in sync with regulatory requirements.
Here’s what this powerful ally brings to the table:
Streamlined Workflow: It's an orchestra of efficiency, conducting a three-step process that smoothly navigates through organizational details, security questions, and compliance documentation.
Customized Risk Assessment: With the acumen of an experienced consultant, it generates questions tailored to your organization, considering your business operations, technologies, and applications handling PHI.
Security Insight: Like a watchful guardian, it assesses your security posture, highlighting strengths and areas that require fortification.
Compliance Documentation: Imagine an assistant that not only advises but creates immaculate compliance documentation ready to be showcased to regulatory bodies.
Third-Party Validation: A stamp of approval from an external entity, as it reviews your documentation and provides you with a HIPAA Attestation Letter. This is like having an acclaimed critic applauding your performance.
Promoting Interoperability (PI) Compliance: A sentinel that ensures adherence to PI requirements, helping you to identify vulnerabilities, evaluate threats, and implement safeguards.
Embark on your compliance odyssey with an expert, guardian, and ally. Let the Annual HIPAA Risk Assessment feature be the compass that guides you through the HIPAA landscape with confidence and ease.
Additional New Features
Zip File Upload: We've implemented the ability for to upload zip files as evidence and documentation
Policy Document Access: Fixed an issue where clicking on policies would not open the policy document.
UI Overlaps: Fixed an issue where buttons on the top policy-procedure/list page were overlapping.
Invitation Link Login: We found and fixed an issue with logging in from an invitation link for.
Button Alignment: Resolved an issue with button alignment in the assessment module
Updated Error Message: Enhanced the clarity of error messages for better user experience
Risk Widget Display: Fixed an issue that caused Risk By Severity and Overall Residual Risk widgets to display twice.
Vendor Filtering: Improved the positioning of the vendor filter multi-select dropdown for better user experience.
Vendor Management: New column in CAPs listing to display the assigned Vendor. This includes the option to filter CAPs based on the assigned vendor with multi-select options.
No Vendor Assigned Filter: A new filter has been added to the vendors dropdown to enable filtering records for which no vendor has been assigned.
Improved UI Alignment: Improved the UI to ensure your experience with the application is clean and streamlined
Completed Assignments Visibility: Now, while re-assigning a training that is already completed, you can view the list of completed assignments and make sure you wont assign a duplicate request
Sidebar and Icons Alignment: We've increased the width of the left sidebar for a better visual experience, corrected the upgrade icon alignment and moved the icons to the left.
Register Page: We've improved the UI of the Register Page for a smoother user experience
Learning Management System: Added a confirmation box on assignment removal to ensure that removals are deliberate
🚀 New
In today's interconnected business world, it's vital to keep a close eye on the risks posed by third-party vendors. We’re excited to introduce the Third Party Risk Management Feature (TPRM Preview) that is set to transform the way you manage vendor risk. Imagine being in full control, with the ability to evaluate, monitor, and communicate with all your vendors from one centralized, intuitive hub.
This innovative feature, TPRM Preview, comes packed with tools that take every aspect of third-party risk management into account. Whether it's assessing vendors based on various risk factors or maintaining a database of these assessments, the comprehensive toolset is designed to make your risk management process efficient and transparent.
Here are some highlights of the TPRM Preview:
Assigning Vendor Security Questionnaires: Assign questionnaires from Papaya's library of vendor assessments and track completion. And, in the near future, you’ll have the ability to send custom vendor questionnaires, giving you the flexibility to tailor questions to your specific needs.
Vendor Evaluation & Monitoring: Easily evaluate vendors based on an array of risk factors and maintain a database of these assessments. This includes continuous monitoring of vendors' risk profiles.
Communication with Vendors: Enhanced vendor messaging functionality, including a chat view, enables clearer and more effective communication, ensuring that you’re always on the same page with your vendors.
Compliance Action Plans (CAPs): Assign CAPs directly from the CAP management page and keep an eye on progress and compliance. This ensures that your vendors meet the standards and regulations that matter to your organization.
Advanced Filters and Navigation Tools: Sort and analyze vendor information through intuitive widgets and filters. The user-friendly interface is designed for smooth navigation, making vendor selection and data analysis effortless.
Delegate Your Assessment Questions to Vendors: This is a game-changer for organizations that outsource some of their security controls to vendors. You can now delegate individual controls from your internal risk assessments for your vendors to answer. This not only saves time but also ensures that the vendors are aligned with your security objectives.
The TPRM Preview is a testament to our commitment to streamlining your risk management processes. By providing you with a 360-degree view of vendor risks and communication tools, it ensures that you're always in control. This is just the beginning – stay tuned for more features and enhancements that will take your vendor risk management to unprecedented heights.
Resolved a recurring issue where some guidance videos were not visible.
We've streamlined the MyTrainings section in the Learning Management System with enhanced sorting, filtering, and searching features, including a new filter on the assign training page, making it a breeze to find and manage your training content.
We've enhanced the advisor session experience - you can now easily purchase additional sessions and it's included in your monthly invoice subscriptions.
Users can now upload documents during advisor sessions - sharing information has never been easier!
You can now see the corresponding regulatory standard of security framework of the questions in your assessment and filter based on the frameworks on the assessment response page.
The application now runs faster, allowing you to get things done more quickly.
We've added loading screens to keep you informed when the app is busy.
Answering questionnaires just got better - now you can view attachments!
Our error messages are clearer - if nothing is selected, it simply says "No data available".
Enjoy the refreshed charts with bigger displays and improved colors and legends.
The assessment listing screen got a visual makeover.
We've tweaked colors and sorted out some display kinks for a cleaner look and feel.
🚀 New Feature: Introducing the Vendor Security Risk Management Module! We are putting the finishing touches on this innovative addition to our platform. Keep an eye out for its upcoming release, which will help you manage your vendor security risks more effectively than ever before.
🌟 Improvements:
Enhanced Scope Summary Page UI: We've revamped the Scope Summary page's user interface to provide you with a cleaner, more intuitive experience. Navigate and access information more efficiently with this sleek new design.
Integrated CAP Question Scoring: Users can now score corresponding CAP questions directly within the CAP module, streamlining the assessment process and making it even easier to manage your security compliance.
🛠️ Fixes
Fixed issue where pre-scoping questions would appear even after completion
🛠️ Fixes
Improved the navigation of questions - we fixed a bug that was causing questions to not properly skip.
Improved the presentation of generated policies - we fixed a formatting issue for a better viewing experience.
Enhanced the Risk Ratings feature - we fixed the background color issue on the Control Count widget for a clearer display.
Enhanced Risk Overview - We've improved the Overall Risk Exposure widget on the dashboard to show more detailed information about potential threats.
Streamlined Assessment Process - We've improved the workflow for skipped assessment questions for a smoother experience.
Filter Assessment Questions - You can now easily filter assessment questions by skipped questions.
Improved Security - We've implemented stricter password requirements during account creation to better protect your data.
Professional Certificates - We've made improvements to the formatting of training certificate exports, so you can show off your completed trainings with pride.
We've corrected inaccuracies in the results of the NIST CSF Scorecard.
We've fixed a bug that was causing missing Roles & Tools during policy creation.
We've improved the process for viewing reports after completing an assessment.
We've corrected errors in the organization name in assessment reports.
We've resolved issues with generating policies and procedures.
We've improved the way the NIST CSF Scorecard is reported and categorized.
We've added validation to ensure all forms are properly filled out.
You can now search your assessment report for easy reference.
We've enhanced the HIPAA Scorecard reporting to better align with OCR Performance Criteria.
We've improved the flow of topic guidance pop-ups for a smoother experience.
We've updated the appearance of the scope summary page for a better user experience.
We've streamlined the customer registration process for a smoother sign-up experience.
Fixed bug on Missing Tools & Roles filter in the Assessment module
Fixed bug that prevented Generate Report button being displayed following report completion
NIST CSF scorecard scoring inaccuracies fix
Fixed intermittent incorrect Papaya topic being displayed in the Assessment module
Fixed missing tools and roles in Policy & Procedure generation
Login redirect error fix
Added OCR Performance Criteria reporting to the HIPPA scorecard
Enhanced the roles and tools mapping for the assessment module
Application loading speed optimization
🚀 New
Ability to archive, delete, and unarchive assessments
Implemented Rubric slide-out for easy access while conducting an assessment
Fixed frequent MFA Authentication error
Fixed intermittent assessment response error
Fixed assessment response tool input error
Fixed the persistent document glossary loading error
Fixed tools and roles placeholder error on policies and procedures
Administrator policy and procedure assignment error fix
Fixed question sorting misplacement in assessment module
Fixed the ability to hide archived policies
Fixed the frequent repeat question issue in the assessment module
Fixed phone number registration formatting issue
Fixed infrequent user registration error
Simplified My Policy Library UI
Implemented a no-data-state for widgets on the dashboard
Removed in-progress assessment metrics in the dashboard and Risk Register
Policy and Procedure formatting improvements
Scoping module UI improvements
User subscription UI improvements
Correct URL redirecting for users accessing the application
Implemented question skipping in the assessment module
Allowed the ability for discount codes while signing up for the app
Implemented Back to Login button on login page
🛠️ Fixes
General bugs and performance improvements
Fixed post-registration redirect bug
Fixed bug where you were able to assign already-assigned policies to users
Fixed Policy Glossary View bug
Made Terms of Service and Privacy Policy easily identifiable for user during login
Welcome page loading optimization
🛠️ Fixes
Performance improvements and general fixes
Fixed issue in assessment questionnaire causing erroneous preselected answers to questions
Fixed intermittent issue related to Google/Microsoft IDP Login
General Security fixes and enhancements
Fixed occasional login bug
Fixed intermittent bug preventing login after registration
Fixed dashboard on reporting In-Progress assessments
Assessment module preselect answers fix
Fixed intermittent page freeze in assessment questionnaire
Fixed intermittent assessment questions stuck on ‘Pending’
Fixed Guidance Modal Video Freeze
Fixed loading screen on dashboard widgets when no data is available
Autosave added for scoping questionnaire pages
Enhancements to Risk Assessment Reporting
Added filter to sort question responses missing responsible role and tools
Application page-history enabled upon session timeout
Navigation enhancements in assessment questionnaire module
Improved Stripe Integration and Email flow for purchase receipts
Fixed question and control formatting issue on assessment questionnaire
General performance enhancements and optimization
Fixed issue where some assessment questions were prefilled with incorrect responses
🚀 New
implemented a phone support code for users to be connected to Papaya Customer Representatives
Auto-save bug fix for the scoping questionnaire workflow
Tooltips not-clickable fix in assessment module
Tooltips freezing the page fix
fixed scoping modal freeze in scoping module
General bug fixes
Security and stability fixes
Added unanswered tools and roles filter to assessment module
Added regulatory references to the guidance slide out in the assessment module
Frontend link registration for subscription types
In-Progress and archived assessments will not be incorporated in any dashboard metrics and reporting
Added a free-text industry field for users in the scoping module
Support ticket creation if phone support offline
Release 2022.1.1.0
🐛 General Bug Fixes and Enhancements
😎 Enhanced Onboarding Workflow