Healthcare Organization and Cybersecurity

Executive Management asked Elliott Davis to help answer: “Is my electronic protected health information (ePHI) safe from cybercriminals and others that steal healthcare data?”

Context

• The organization serves patients through its network of hospitals, clinics, and surgical centers.
• Needed to mitigate risks associated with creating, maintaining, transmitting, storing, and securing electronic protected health information.

 Our Approach

• HIPAA Security Rule Risk Analysis
• Cybersecurity Center for Internet Security (“CIS”) Top 20 Assessment
• External Vulnerability Scan/Penetration Testing
• Social Engineering Assessment

 Customer Results

• Met legal requirements
• Received HIPAA Security Rule Risk road map for each of its entities to efficiently and effectively begin to mitigate risk exposure
• Gained understanding of cybersecurity exposure through assessment and established plan and framework to remediate identified gaps
• Identified how to protect areas an attacker might exploit to gain access to environment

We Can Help

For more information on this and other topics, contact a member of our team.

The information provided in this communication is of a general nature and should not be considered professional advice. You should not act upon the information provided without obtaining specific professional advice. The information above is subject to change.