All Posts By

Siobhan Carroll

Healthcare Payers: Scalability and Risk Management-Based Prioritization

By | Articles

April 2020

As healthcare payers surge to meet the increasing needs of their members and health system partners, their IT and security teams are gleaning some timely reminders that scalability and adoption of a risk management framework are critically important in times of crisis.

Scalability is a “muscle” that all security teams will need to strengthen throughout their enterprise security program because as the COVID-19 pandemic has shown we don’t know when or what aspect(s) of the program will be tested and to what degree. Scalability may not be as important during a one-time event, like a breach or malware attack – an organization can often address a specific issue head on. However, when there is sustained pressure or a fundamental shift that increases scope, it becomes critical that the organization have scalable processes and tools.

Read More

Focused Security Risk Assessments: Remote Work for Healthcare Organizations in the Age of COVID-19

By | Articles, Home Page Top, Home Page Recent

April 2020

As the reality of working from home sinks in, many remote workers and their employers are seeing the appeal fade quickly. We all know that remote work is not quite as simple as it sounds. Technical, operational, and communication challenges are quickly presenting themselves when workforce members overload remote access systems, can’t perform their duties, and don’t know the best channels for reporting their issues and incidents.

Are we prepared for the information security and cybersecurity challenges specific to this new paradigm: remote work in the age of COVID-19? Read More

cybersecurity resources for healthcare

Resources for Healthcare Organizations During COVID-19 Pandemic

By | Articles, Home Page Recent

As COVID-19 changes the way many healthcare organizations are operatingIntraprise Health has begun compiling a list of resources that we think may be useful to your organization as our team of cybersecurity experts has been fielding questions from clients on many of these topics Links to resources such as securing your (in many cases) newly organized work from home force, to newly relaxed HIPAA privacy rules and guidance from the Department of Homeland Security are included. 

We hope you find this information useful and will continue to update this list as our team adds more resources.   Read More

Security Risk Assessments for Healthcare Webinar 4/23/20

By | Webinars/Events, Home Page Recent

 Sign Up Here

 

Maintaining vigilance for your healthcare organization includes staying focused on the basics and good security practices. Security Risk Assessments provide hospitals and healthcare organizations with a way to maintain HIPAA compliance, lower security risks, and protect PHI. One basic yet critical practice is to perform a security risk assessment whenever there is significant change in the environment. 

With all the recent changes to computing environments, remote access methods and work locations it is important to perform a security assessment that prioritizes these areas of focus and their associated security controls.  

Join Intraprise Health for a free SRA webinar on April 23 at 2 pm EST that will explain how you can prepare for and remediate your risks, once you’ve identified the areas and control categories that have been most impacted within your organization. 

 According to HHS the compliance issues most often alleged in complaints are: 

  • Impermissible uses and disclosures of protected health information; 
  • Lack of safeguards of protected health information; 
  • Lack of administrative safeguards of electronic protected health information; and 
  • Use or disclosure of more than the minimum necessary protected health information. 

 Sign Up Here

During this webinar, Intraprise Health security experts will discuss: 

  • What is the value to your organization of an SRA 
  • How to prepare for and execute your SRA
  • How frameworks can be used to enhance the SRA process 
  • How to introduce quantitative analysis into your SRA 
  • How the prioritized recommendations from your SRA can guide your risk program
  •  How to determine your remediation approach 
Penetration Testing - why you need it

When Requesting a Penetration Test- Do You Know What to Ask For?

By | Articles

As we continue to rely on the interoperability of our computer systems in our everyday lives, we must remember this interconnectivity comes with a priceThe ability to access devices remotely over the internet has created a new world of ease and freedom which can be manipulated by malicious actorsIt’s quite eye-opening in its simplicityIf a device is exposed on the internet it has the possibility of being compromised   Read More

Intraprise Health Selected For Second Time As Member Of The HITRUST Assessor Council

By | Press/News, Home Page Top

Yardley, PA, March 3, 2020– Intraprise Health, one of HITRUST’s longest tenured external assessors and a leading provider of highly rated, healthcare-specific cybersecurity services, today announced that Ryan Patrick, Senior Vice President of Security Products, and Melissa Hawkins, Information Security Team Lead, have again been named as members of the 2020 HITRUST External Assessor Council. Ryan and Melissa were initially selected to serve on the HITRUST External Assessor Council in 2019. Ryan was also named to the Council’s Quality Assurance subcommittee, aimed at further upholding the Council’s continued focus on maintaining a standard of excellence. Read More

Third-Party Risk Management: Keeping Your Healthcare Organization’s Information Safe

By | Home Page Recent

Read the latest article by Intraprise Health’s CEO, Sean Friel in Security Magazine.

“As the person in charge of your healthcare organization’s information technology, one of your responsibilities is protecting patients’ and clients’ information. This can be difficult because third-party vendors with whom you contract can unwittingly jeopardize the security of that information. But you can take steps today to help prevent those problems tomorrow.

Data breaches are increasingly on the minds of every C-suite executive in healthcare. Reading about security breaches can make the mightiest execs groan at the possibility something like that could happen to their healthcare organization.” Read More

What You Need to Know About Split Tunneling

By | Articles

Today’s modern networks require flexibility to allow workers to work from multiple locations.  One of the most common methods to achieve remote network access is a Virtual Private Network (VPN).  VPN’s can come in all shapes and sizes, from hosted to on-premises, to in the cloud, and can be built to fit all needs.  However, one topic that is often overlooked is whether or not to allow VPN users to utilize split tunneling. Webopedia defines split tunneling as “The process of allowing a remote VPN user to access a public network, most commonly the Internet, at the same time that the user is allowed to access resources on the VPN.” The idea is a user has a tunnel to the corporate network to access any apps or shared drives through the VPN connection while still utilizing the local internet connection of the remote user for access to the web or local resources.
Read More

Intraprise Health Appointed to 2 Seats on HITRUST CSF Assessor Council

By | Articles

Council Members Provide Expertise on Various Security and Privacy Programs of Interest to Healthcare Industry

Intraprise Health is pleased to announce that Ryan Patrick and Melissa Hawkins have been appointed to the HITRUST CSF Assessor Council. In its second year, the HITRUST CSF Assessor Council includes members representing a broad range of experience in information security and privacy. Appointees work closely with HITRUST to ensure and evolve HITRUST’s integrity, effectiveness and efficiency. Read More

Intraprise Health Launches Software Service to Battle Security Breaches in Healthcare Organizations

By | Press/News, Home Page Recent, BluePrint Protect

BluePrint Protect™ Security Risk Management Software Manages and Automates Security

YARDLEY, Pennsylvania, August 13, 2019 – Utilizing more than a decade of expertise in security and technology for healthcare clients, Intraprise Health has created BluePrint Protect™ Security Risk Management Software.  BluePrint Protect™ was created to help organizations efficiently manage and automate their security program, starting with one of the most pressing needs for any organization, Third-Party (Security) Risk Management, or TPRM. Read More