Security Services
Our goal is to craft a comprehensive program based on vigilant security controls, organizational resilience, and expert oversight.
Our goal is to craft a comprehensive program based on vigilant security controls, organizational resilience, and expert oversight.
Our security services have been at the vanguard of healthcare information privacy and security since 2009. Completely healthcare focused, we provide advisory services and solutions to meet the information security needs you face now and in the future.
Our Security Risk Assessment (SRA) offering now combines Intraprise Health’s highly rated security services with the industry’s leading HIPAA SRA software platform, HIPAA One®, to deliver a complete SRA solution for healthcare. With the recent acquisition of HIPAA One, Intraprise Health’s customers can now leverage our comprehensive SRA services through HIPAA One’s software platform (built on the NIST Cybersecurity Framework). SRA customers can access our assessor’s notes and findings through the HIPAA One platform during and upon completion of the assessment auto-generated reporting, including the final report of findings, as well as HIPAA One’s remediation management module can be utilized for an enterprise-wide, full-lifecycle and scalable approach to HIPAA security and compliance.
Intraprise Health’s SRA solution looks at an organization’s information security and risk management program in a collaborative, standards-based, and compliance-aware approach. Our Security Risk Assessment solution includes strategic, operational, and tactical assessments performed by seasoned cyber security experts in order to achieve comprehensive risk mitigation.
Progressive healthcare organizations perform a Security Risk Assessment/HIPAA Risk Analysis on an annual basis in order to maintain HIPAA compliance and fulfill their obligations to PHI security and privacy. Our cyber security professionals have deep HIPAA expertise and are armed with the latest scanning tools, techniques and the HIPAA One SRA platform. Using online questionnaires, document reviews, client interviews, physical walk-throughs, where possible, of facilities and internal and external vulnerability testing, Intraprise Health’s security risk assessments analyze large amounts of information. This gives us the most meaningful and accurate vulnerability intelligence for risk analysis and remediation planning.
Penetration Testing uses existing vulnerabilities to uncover security blind spots as well as to determine to what extent they can be exploited. Our penetration testing expert (“ethical hacker”) simulates the actions of an external cyber attacker to expose critical systems and strives to gain access to sensitive data.
We use a mix of proven penetration frameworks and tools containing databases of known exploits that are deployed against a set of discoverable entry points and the services that run on them.
Education and Awareness Program Development
Security vigilance is achieved through staff awareness and education. It is an organization’s most powerful risk mitigation tool.
Our programs feature security experts who make security education engaging and interesting with the goal of increasing competence and confidence.
Business Impact Analysis (BIA) is a systematic process to assess and evaluate the potential effects of an interruption to operations as a result of a natural or man-made disaster, accident, or other emergency, and to gather information needed to develop recovery, prevention, and risk mitigation strategies. We conduct Business Impact Analysis in accordance with NIST Special Publication 800-34 and best practices outlined by the Disaster Recovery Institute International (DRII).
Data breaches are on the minds of every C-Suite executive in Healthcare. Third-Parties (i.e., vendors and business partners) with access to an organization’s Protected Health Information (PHI) and/or Personally Identifiable Information (PII) represent a significant risk due to the potential for data breaches. Until recently, Third-Party Risk Management (TPRM) has been primarily treated as a compliance and contract approval “checkpoint”. Due to the significant growth in healthcare data breaches and the awareness of the risk posed by third-party security weaknesses, healthcare organizations have started implementing stronger TPRM programs that try to focus on uncovering true security weaknesses in the hopes of addressing this large-scale problem. However, most organizations struggle to assess their third-parties and business partners effectively, mostly through a patch-work of static forms, lengthy security questionnaires and haphazard email-based communication. Requests come from almost anywhere in the supply chain without consistent information and solid process.
Intraprise Health delivers industry-leading TPRM services provided by certified, expert and proven healthcare security experts. Organizations seeking a security-focused solution and the ability to scale-up to meet their needs can rely on Intraprise Health. Although we customize our program to meet your requirements, our core TPRM services utilize the following approach:
Our TPRM Services provide a comprehensive and scalable set of services performed by seasoned experts on a fully or partially outsourced basis. Contact us to learn more about Intraprise Health’s industry-leading TPRM services.
Click here to visit our dedicated HITRUST page