Article
Executive Resource
Insight Hub
Ext. Publication
VideoHealth Care Data Privacy and Cybersecurity
Ensuring data privacy and fortifying cybersecurity is not just a necessity for health care businesses but part of an overall commitment to patient care. To protect patient privacy, every facet of a health care business, from human resources to technological infrastructure, needs to operate within a meticulously crafted protective cybersecurity framework. This framework must include the ability to assess risks, pinpoint threats, implement safeguards, oversee systems and facilitate rapid response and recovery mechanisms.
Connect with usTrending
Insights & Resources
Executive ResourceOur health care cybersecurity team will help you assess the current state of your security posture and work with you to define a path to achieve your desired goals. Well-versed in the standards and control frameworks leading organizations to manage compliance, our team can assess environments, systems and practices against a variety of technical and regulatory requirements, including HIPAA, PCI, NIST CSF, NIST 800-53, Red Flags, Sarbanes-Oxley, FDICIA and GLBA. We understand the importance of keeping sensitive data locked up tight. We have built multi-layered protection to protect our clients’ data as well as our own, and our cybersecurity team works hard to stay ahead of the curve on changing threats.
We evaluate your current security stance, chart out a roadmap to your aspirational goals and ensure that your cybersecurity strategies resonate with your organizational vision. Your health care business will be more prepared, responsive and resilient in the face of these challenges.
HIPAA Security
- Risk assessments
- Readiness assessments
- Report on compliance
- Policy and program review
- Privacy assessment
Health Care Compliance
- SOC 1 Reporting, specifically over health care claims processing, medical coding, revenue cycle management and health care billing operations
- SOC 2 + HIPAA Security examinations
- Conduct cyber risk assessments
- NIST Privacy Framework assessments
IT Due Diligence
- IT overview and management processes
- Infrastructure (networking & support systems)
- Data management (ePHI) and resilience/recovery
- Identity and access management
- Cybersecurity management practices
Cybersecurity Operations and Risk Management
Consulting:
- Build/assess cybersecurity programs
- Conduct cyber risk assessments
- Cyber Maturity Assessments (Frameworks)
- Define strategic roadmaps
- Vulnerability assessments and penetration testing
- Incident Response Table-top Exercises (IR TTX)
- Social engineering
Compliance:
- PCI Readiness + Report on Compliance (ROC) & Attestation of Compliance (AOC)
- CMMC (NIST 800-171)