You With Risk?
January 29, Click here to get started!
If you don't know the answers to these questions then it's time for a HIPAA IT Security Assessment.
Basic HIPAA IT Security Assessment Questions:
- Do all of my systems require a password?
- Do all of my systems require a password reset every 90-120 days?
- Do my systems timeout after a certain amount of time of inactivity?
- Are all of my laptops encrypted?
- Do I have a business associate agreement with every vendor that might access ePHI?
- Do all employees go through HIPAA training at least annually?
Making an accurate and thorough HIPAA IT Security Assessment of potential risks and vulnerabilities to the confidentiality, integrity, and availability of electronic protected health information can be a challenge. From staff availability to other financial pressures, many hospitals take a lukewarm approach to IT security. However, cyber and data security is more than an IT issue— it is a patient safety and business issue for your hospital.
|A health data breach means that a hospital stands to lose anywhere from $100 to $1.5 million in fines and possible criminal charges.|
Source: American Medical Association
In addition to financial penalties, security attacks threaten an organization’s reputation and brand, put regulatory compliance at risk, affect operations and can even impact quality and patient care.
Remain compliant and avoid significant fines and penalties that could impact patient care. You are required to identify, rank and mitigate or remediate risks. Our proven approach includes: onsite interviews with your hospital’s key staff; a gap analysis of policies and actual performance; an extensive technical assessment of the IT security configuration at the hospital and connected facilities, including operating system patches, encryption, firewall protection and backup review; a network penetration and vulnerability test; a detailed breach notification policy and process review; a HITECH and Meaningful Use assessment. Our tool will gather an inventory and inspect every piece of hardware on your network. The final deliverable will include all of the detail you need to know about the current state of your security posture, an actionable list of tasks your team can use to resolve issues and a risk assessment document that can be provided to the OCR if audited. If requested, we can even refresh the technical assessment every quarter to ensure the remediation is actually occurring. As a hospital executive, you will have the information you need to be sure your organization has the correct policies and procedures in place as well as a governance process to ensure remediation is occurring.
To conduct a HIPAA IT Security Assessment, realize your organization's goals and achieve organization-wide improvements, please call 866.371.4669 or fill out the form above and someone will contact you.
Don't forget to check out our HIPPA Risk Assessment webinar January 29, 2018 and stay up to date on our upcoming webinars and classes for 2018!