All Posts By

Pam Hayduk

Questions about HITRUST Certification? Get Answers from an Experienced HITRUST Assessor

By | Webinars/Events
Interested in HITRUST but not sure how to get started? Wondering what the time commitment is and how much effort it takes?

Join us on Thursday, May 6, 2021 at 1 PM ET, as our experts answer questions on these topics, and other topics from the audience including:

  • Scoping and assessments
  • Identifying Risks/Gaps
  • Risk Remediation and
  • Testing/Validation
  • Understand Inheritance vs. Reliance
  • The difference between HITRUST and NIST

Read More

The TPRM Paradigm Shift: What You Need To Know

By | Previously Recorded

Managing third-party (“vendor”) risk in a holistic manner is a top priority for all organizations. Recent reporting highlights how malicious actors are targeting healthcare data and security weaknesses across the entire supply chain including the third parties that host data for their customers on cloud and hosted platforms.

The reality is that most organizations struggle with various elements of a holistic program not to mention more complicated processes like completing an effective third-party security assessment. The key to solving these challenges is to implement processes and tools that allow the organization to identify, monitor and manage security risks across several hundred third-party solutions within a dynamic, constantly changing environment that relies on many departments to work together in a cohesive fashion.

This webinar will help organizations understand the unique risks faced by healthcare organizations including:

  • Ensuring compliance and building a centralized third-party vendor Business Associate Agreement repository
  • Avoiding a “cookie-cutter” approach to assessing your third parties through a collaborative, third party-specific security questionnaire
  • Using Portfolio Manager to rate your risks
  • Leveraging workflow and process automation to scale your TPRM program
  • Accelerating risk assessments of new solutions during a crisis situation

HIPAA Compliance Management for Hospitals

By | Webinars/Events, Home Page Top, Home Page Recent
HIPAA compliance and data security are more important than ever for hospitals and health systems. Healthcare organizations must regularly perform a Security Risk Analysis (SRA) to maintain HIPAA compliance and fulfill their obligations to PHI security and privacy. Managing compliance can be a messy, tedious task – especially if you are using spreadsheets and emails and are dealing with hundreds of individual clinics and practices.

Join us on Tuesday, April 27, 2021 as we outline steps your organization can take to address your HIPAA Security Risk Analysis and HIPAA compliance requirements in 2021.

Read More

Part 2: Addressing security risks of personal business in the workplace

By | Press/News, Home Page Top, Home Page Recent

By Brian Parks and Sanjiv Kalkar, Intraprise Health

Part 1 of Addressing Security Risks of Personal Business in the Workplace highlighted the risks associated with employee use of corporate connected devices in the execution of personal business. To summarize, employee use of a device connected to the corporate network, even a company-provided device, for personal business such as email, file-sharing, etc. exposes the organization to additional risks of malware, including ransomware, impacting the corporate network. The risks are similar whether the device is connected directly to the corporate network (on premise) or via VPN for remote workers. Read More

KLAS Blog: How to Strengthen Your Security Program

By | Press/News, Home Page Top

Health systems are experiencing a barrage of cybersecurity attacks. Establishing a strong security program is paramount to thwart bad actors’ plans of gaining access to critical data and systems.

The majority of health systems have a security program in place, but programs will continually need to be strengthened and refined. What can health systems proactively do to continually enhance their security programs?

KLAS reached out to healthcare-focused cybersecurity firms and asked the following question: “What can health systems do today to avoid pitfalls and gaps in their security programs?Read More

Information Security Consultant

By | careers

Position Highlights

The Information Security Consultant is a key contributor to the various services provided by Intraprise Health. As an information security subject matter expert, you will have the opportunity to participate in a wide variety of customer initiatives that span a broad range of services.

The Security Analyst position affords the qualified candidate to be exposed to, and become proficient with, a wide range of security frameworks, technologies, and disciplines.

The primary responsibilities for this position will include applying your knowledge of various regulations and frameworks to complete program reviews and assessments following industry regulations and frameworks. These assessment activities will include one or more of the following:

  • Conduct operational and technical information security assessments for customer organizations per the HIPAA Security Rule and relevant security framework(s).
  • Review and evaluate an organization’s information security posture for compliance with the HITRUST, NIST and other frameworks.
  • Participate in HITRUST framework assessments working closely with other team members to guide customers through their journey of framework adoption and certification.
  • Opportunity to host webinars and author relevant blogs, articles, whitepapers, etc.

This position offers considerable growth potential as Intraprise Health expands its services and solutions and grows its client base. A strong technical background, willingness to learn and good work ethic will be necessary for success in this position. The employee will gain hands on experience while participating in critical business projects aligned with company goals. The Information Security Consultant will gain experience in analysis, documentation, troubleshooting process improvement and technical troubleshooting for project implementations. Previous information security experience is a plus.

Please email resumé and cover letter to jobs@intraprisehealth.com. Read More

HITRUST Project Manager

By | careers

Position Highlights

The HITRUST Project Manager/Team Lead is a key contributor to the foundation service provided by Intraprise Health. As an information security subject matter expert, you will have the opportunity to participate in a wide variety of customer initiatives that guiding Intraprise customers through the HITRUST CSF certification and adoption process.

As the leading security and privacy framework in the healthcare industry, HITRUST serves to benchmark, remediate, monitor, and mature an organizations security/privacy management program. In this role, you will be at forefront of helping our customers achieve this.

This position offers considerable growth potential as Intraprise Health expands its services and solutions and grows its client base. A strong leadership and collaborative background, willingness to learn and good work ethic will be necessary for success in this position. The employee will gain hands on experience while participating in critical business projects aligned with company goals.

Please email resumé and cover letter to jobs@intraprisehealth.com. Read More

Improve Your Security Posture with a HIPAA Security Risk Assessment (SRA)

By | Previously Recorded

Performing an SRA is a requirement under the HIPAA Security rule as well as leading risk management frameworks such as HITRUST and NIST. It’s also the key requirement in OCR’s HIPAA Audit Protocol. An annual HIPAA Security Risk Assessment is your opportunity to pause and focus on enhancing the overall resilience and strength of your information security program – and a key component of a complete risk management program.

During this webinar, we discuss:

  • Understanding HIPAA compliance and your responsibilities
  • Leveraging a HIPAA SRA as a foundation for compliance, security and risk management
  • Identifying key controls and how they align with the HITRUST or NIST security frameworks
  • Leveraging your SRA to prepare for an OCR HIPAA Audit
  • Steps you can take to create an ongoing program that prioritizes HIPAA compliance, remediation management and security risk management year round

Part 1: Security risks of personal business in the workplace

By | Press/News, Home Page Top, Home Page Recent

By Brian Parks and Sanjiv Kalkar, Intraprise Health

The typical company culture of today is less of a strict clock-in/clock-out mentality than in years past. Company expectations on methods of work have morphed over the years, and employees checking personal email or performing some personal business on “company time” is often ignored or overlooked as long as it doesn’t interfere with the employees’ job performance. Read More

Intraprise Health Acquires HIPAA One

By | Press/News, Home Page Top, Home Page Recent

Creates Comprehensive Integrated Security Risk Management and Compliance Platform for Healthcare

YARDLEY, Pennsylvania, January 6, 2021–  Intraprise Health, a leading provider of cybersecurity services and solutions and the Protect™ risk management software platform, today announced that it has acquired HIPAA One, provider of industry leading HIPAA compliance automation software. The merger allows Intraprise Health to offer an integrated set of cybersecurity and compliance software solutions to the healthcare market. Read More

We use cookies in order to give you the best possible experience on our website. By continuing to use this site, you agree to our use of cookies.
Accept
Decline
Privacy Policy