With penalties for HIPAA violations are reaching into the millions, this has become a priority for Every Healthcare Organization and Business Associate. Violations and fines associated with PHI breach can also damage long-established public trust and may even lead to jail time. That's why maintaining a secure, compliant health data environment is so important.

Our approach calls for phases, the first phase is the Gap Analysis. During this phase we determine your organizations’ overall compliance state,  and during site visits and interviews, we:

·         Gain foundational system knowledge and determine uses of PHI and ePHI across all lines of business.

·         Create a baseline of current security requirements and privacy practices, including employee training.

·         Identify deltas between HIPAA/HITECH requirements and your company’s associated implementations via system testing.

·         Develop the Gap Analysis Report that specifically outlines the weaknesses present in your system.

Building from the Gap Analysis Report, the second phase is the Technical Risk Assessment. The Risk Assessment will identify the required remediation necessary to attain compliance based on the Security Rule and your specific environment.  It includes:

·         Determining whether or not the implementation of non-compliant requirements is Required or Addressable;

·         Assessing impact of accepting risk vs. fixing the risk;

·         Evaluating the likelihood that existing vulnerabilities will be exploited;

·         Developing strategy for how selected weaknesses will be remediated and extent of residual risk, if any;

·         Building the Risk Assessment Report, based on the above findings, and beginning remediation efforts.

Leveraging our valuable partnerships with security leaders such as intel/McAfee, HP, Cisco, IBM, Tripwire and others and the broad array of available tools will allow you to select those that are most pertinent to your environment and deploy them in a manner that will deliver optimal results.

Evolve Your
Security Program
more than 17 years
of experience and hundreds
of satisfied customers

logo-3-dots-8Contact us for more information or call us at 212.221.3432

Information Technology
Management Corp
1441 Broadway, Suite 6133
New York, NY 10018. 
Phone: 212.221 3432
sThis email address is being protected from spambots. You need JavaScript enabled to view it.

Subscribe to our Newsletter