OUR SERVICES
Our dedicated associates have significant experience in providing risk reduction and compliance services for the healthcare industry. Our goal is to exceed clients expectations and deliver exceptional, value-driven service on every project.
TECHNOLOGY RISK MANAGEMENT
CYBERSECURITY
AUDIT & COMPLIANCE
TECHNOLOGY RISK MANAGEMENT
Project Management – New Technology Implementations
- Scoping and Planning
- Day to Day Coordination and Communication
- Information Gathering and Validation
- Developing and Confirming Timelines and Milestones
- Reporting and Delivery
Disaster Recovery and Business Continuity
- High Availability Assessments (Identifying Single Points of Failure Infrastructure Design)
- Defining Recovery Time Objectives
- Tier Level Ranking
- Disaster Recovery Program Development
- Recovery Procedure Documentation
- Recovery Testing
GRC Program Development – Selection and Tool Implementation
- Technical Solution Selection and Implementation
- Road Map Development and Planning
- Assessment
- Guidance
- Program Structure
- Training
Epic Access Provisioning and Security Assessment
- Access Provisioning Development and Implementation
- Operational Security Controls Assessment
- High Availability – Identify Single Points of Failure
CYBERSECURITY
Evaluating Information Risks, Monitoring & Reporting Capabilities
- Conducting Privacy and Security Compliance and Strategies for meeting the requirements
- Conducting Risk Analysis on assets that contain Sensitive Information, including: (Utilizing the National Institute of Standard Technology methodologies (NIST))
– Applications
– Networks
– Medical Devices
– Mobile Devices
– IOT Devices - Conducting Network Penetration and Vulnerability Testing – Identifying weaknesses in both Hard-wired and Wireless Network
- Testing for Intrusion Detection, Virus, Malware and Phishing – Monitoring and Blocking
- Assessing for PCI Compliance and Readiness Assessments
- Evaluating Third Party and Vendor Risks
- HIPAA Compliance Assessments
- OCR Readiness Assessments
- Developing an ongoing risk reporting process, including Analysis Dashboards and Management Reports
Incident Response – Security Breach or Technical Failure
- Developing Policies and Documentation
- Defining Governance and Responsibilities
- Determining Communication and Reporting Flows
- Developing Risk Mitigation Strategies
Information Security Program – Co-Sourcing
- Implementing an ongoing Risk Management Governance Program – GRC
- Leading the day-to-day Security and Privacy Program – Handling Security and Privacy issues and events, Communicating program status
- Developing the ongoing risk ranking and mitigation methodology and plans
- Implementing security tools for monitoring and reducing risks
- Conducting organizational Security and Privacy Awareness and Training
- Developing an ongoing risk remediation program, process and reporting structure
Epic Security
- Security Assessments
- Account Provisioning
- Compliance Assessment and Remediation Activities
- Risk Identification
- Infrastructure Review
Virtual CISO
- Security Analysis
- Policy Development
- Security and Compliance Training
- Executive Reporting
Vendor Risk Management
- System and Process Implementation
- Ongoing 3rd Party Risk Evaluation
- Reporting
Audit & Compliance
Internal Audit Sourcing and Co-Sourcing
- Operational, Compliance and IT Auditing.
- Full or Partial Internal Audit Outsourcing
- Enterprise-Wide Risk Assessments
- Audit Assistance
Privacy and Security Risk Management
- HIPAA and HITECH Compliance Assessments
– Applications
– Technologies
– Medical Devices
– Electronic processes - Governance and Ongoing Administration
- Risk Analysis
- Risk Mitigation Strategy and Ongoing Analysis
- Policy Development and Implementation
- OCR Readiness Assessments
Comprehensive 340B and Pharmacy Solutions
- Mock HRSA audits
- Annual Independent audits
- Full program audits
- Policy and procedures review
- Program optimization
- Split-billing software configuration
- Program implementation
Third Party and Vendor Compliance
- Risk Assessment and Process Improvement
- Vendor Risk Management
- Tools and Processes
- Inventorying and Categorizing