What You Need to Know About Split Tunneling

By | News, Articles, Home Page Recent

Today’s modern networks require flexibility to allow workers to work from multiple locations.  One of the most common methods to achieve remote network access is a Virtual Private Network (VPN).  VPN’s can come in all shapes and sizes, from hosted to on-premises, to in the cloud, and can be built to fit all needs.  However, one topic that is often overlooked is whether or not to allow VPN users to utilize split tunneling. Webopedia defines split tunneling as “The process of allowing a remote VPN user to access a public network, most commonly the Internet, at the same time that the user is allowed to access resources on the VPN.” The idea is a user has a tunnel to the corporate network to access any apps or shared drives through the VPN connection while still utilizing the local internet connection of the remote user for access to the web or local resources.

Read More

Intraprise Health Appointed to 2 Seats on HITRUST CSF Assessor Council

By | News, Articles, Home Page Recent

Council Members Provide Expertise on Various Security and Privacy Programs of Interest to Healthcare Industry

Intraprise Health is pleased to announce that Ryan Patrick and Melissa Hawkins have been appointed to the HITRUST CSF Assessor Council. In its second year, the HITRUST CSF Assessor Council includes members representing a broad range of experience in information security and privacy. Appointees work closely with HITRUST to ensure and evolve HITRUST’s integrity, effectiveness and efficiency.

“We are honored to be appointed to the HITRUST CSF Assessor Council,” said Ryan Patrick, Senior Vice President and leader of Intraprise Health’s HITRUST practice. “Together with my colleague, Melissa Hawkins, we look forward to working closely with HITRUST to both learn from them and give them the benefit of our 8 years of field experience as a HITRUST Assessor firm.”

Certified Assessors since 2011, Intraprise Health (formerly BluePrint HIT) is completely focused on healthcare. With specifically designed programs for health systems, business associates and payers, Intraprise Health’s proven methodology and certification program management tools have helped healthcare organizations of all sizes achieve HITRUST certification. Intraprise Health’s broad range of security services include:

  • HITRUST Certification services
  • HIPAA Security Risk Analysis
  • Education and Awareness Training
  • Vulnerability/Penetration Testing
  • Security Risk Assessments
  • Third Party Risk Management

For more information about Intraprise Health and our HITRUST CSF services, please click here.

To register for our upcoming HITRUST CEP, being held in Malvern, PA on August 28 click here.

To register for our San Francisco CEP, to be held September 10, click here.

How to Prepare for HITRUST Certification: Gaining Organizational Support

By | Articles

Why HITRUST?

More than 81 % of U.S. hospitals and health systems and 80 % of U.S. health plans use the HITRUST Common Security Framework (CSF). It provides implementation standard that is understood and accepted throughout the healthcare industry. Having HITRUST certification in place shows other healthcare entities that you take your security seriously.

Now what?

You and your cybersecurity colleagues have done your research. You know the HITRUST framework is top-notch and addresses federal and state regulations and several security frameworks. Executives of your organization see the value in HITRUST’s CSF that will help you assess and manage your organization’s information security. You’ve got the green light. Where do you go from here? Education. From executive leadership to front line employees everyone needs to understand and accept the level of effort and commitment it takes to properly adopt the HITRUST CSF. Organizing educational sessions with stakeholders and identifying an organizational champion (someone that is very visible, respected and influential in the organization) to assist in sending the message.

What’s next?: Engaging staff throughout the organization

Read More

Zero Trust Architecture and the Future of Networking

By | Articles, Older Posts
By Joshua Perri

In today’s networks, having a strong defense at the perimeter-points is not sufficient to keep your data safe. The IT landscape moves very quickly and so do the threats that we face. Strong networks will implement additional defenses to protect the internal boundary points. These additional defenses will ideally vary in strength and type between segments, which house varying sensitivity levels of data. The Healthcare industry has been slowly adopting stricter network segmentation and role-based access throughout the entirety of its networks.
Read More

Tabletop Exercises: Unappreciated and Underutilized

By | Articles

Value for healthcare security – Not just a government planning tool

Government defense and response agencies from the Pentagon to FEMA, from state government to the EPA, have been conducting tabletop exercises (TTXs) for years. Why? In a word: they work. Cybersecurity attacks have been increasing in numbers and complexity against our government’s critical infrastructures and led to the development of cybersecurity exercises as a strategic way for an organization to test their detection and response actions, and as well as their response to information security threats and vulnerabilities in a real-time environment. Read More

What is HITRUST and how can it Benefit your Organization?

By | Articles

Today, covered entities and business associates are addressing a wide-range of regulatory requirements necessary to solve the growing complexities in the healthcare industry. Evolving technologies, migration to the Cloud, and cyber threats like ransomware are just a few top-of-the-mind issues. Combine those with regulations under HIPAA, Meaningful Use, PCI, COBIT and ISO, and you will find that covered entities and business associates need a way to manage their security programs more effectively. Read More

Four Tips to Help Protect your Medical Devices

By | Articles, Home Page Recent

The Challenge of Medical Devices: 

Medical devices represent significant exposure and potential vulnerability to healthcare organizations.
There are thousands of medical devices in use even in small medical operations. These devices are generally made to meet a specific use, and not often created with security at top of mind. They are also essential to keep functioning in order for health systems to operate. The volume, use, and design of medical devices combine therefore to present a unique challenge for healthcare security. Read More

Intraprise Health (formerly BluePrint HIT) rated 97.2* in KLAS Cybersecurity Services 2018 report

By | Articles

Intraprise Health (formerly BluePrint Security Services) was rated in the advisory focused firm category, scoring 97.2* out of a possible 100 points. The cybersecurity firm was praised by hospital and health system clients for five key areas – mitigating security risks, healthcare knowledge, a unique audit methodology, strategic expertise, and tailoring services to client need (Customer Interview Details, Page 69 – Cybersecurity Services 2018.). Read More