HIPAA / HITECH Security Risk Assessment (August 2011)
Today’s healthcare organizations face many challenges when it comes to information security. While compliance with HIPAA has been required for several years, the passage of the 2009 Stimulus Act by Congress, including the HITECH Act, has not only added protection requirements but also provided incentive money for the implementation and ‘meaningful use’ (MU) of electronic health records. Demonstrating meaningful use, however, also mandates a security risk assessment.
Whether your organization is small or large, already has security policies and processes in place, or is looking to develop those, Sirius provides the services you need to help you not only demonstrate compliance as part of HITECH and MU, but also ensure that your patients' electronic protected health information (EPHI) is safe from malicious attacks or just unintentional loss.
Contact Sirius for compliance issues with HIPAA/HITECH/MU, PCI DSS, GLBA, state breach laws or other security challenges

Our highly credentialed and experienced team of security consultants has broad compliance experience (HIPAA/HITECH/MU, PCI DSS, GLBA, state breach laws, etc.) and deep knowledge of standards frameworks (ISO 2700x, NIST, COBIT, NSA IAM), and participates in various international and national standards organizations. The team can help you streamline policy management, reduce the number of controls needed to comply with regulatory requirements, and automate and improve control monitoring and reporting using the leading eGRC solution.
Sirius consultants use a risk-based security methodology to better understand your organization’s risk appetite and ensure the most cost-effective protection strategies. We also leverage industry standards, frameworks and best-practice methodologies to measure whether security and compliance needs are being met.
ISO and NIST security standards are used as the baseline for providing the following services for our clients:
• Security strategy alignment and policy development
• Compliance (HIPAA/HITECH, PCI DSS) Gap and Risk Assessments
• Information Security (ISO and NIST-based) and Vulnerability Assessments
• Application Security Assessments and Training workshops
• GRC Program Automation
Partnering with leading solution partners (including IBM, Cisco, F5, HP, Palo Alto, Symantec and VMware) also enables us to provide end-to-end security solutions across the entire framework of your business in the most cost-effective and efficient manner.
To learn more about Security and Compliance Solutions from Sirius, contact your Sirius client executive. They can engage a Sirius security expert to visit you onsite or conduct a conference call and determine if a Security Risk Assessment would be helpful in your IT environment.