|
Security Services
 Healthcare enterprises that succeed in the future must comply with all federal and state regulations including Health Insurance Portability and Accountability Act (HIPAA) privacy and security and the Health Information Technology for Economic and Clinical Health (HITECH) Act. The confidentiality and protection of vital information assets through implementation of effective security controls is critical.
Healthcare organizations must understand where and when their organization's electronic data may be at risk, and take the necessary steps to implement appropriate controls. A thorough risk assessment serves as the foundation for development of a security strategy to mitigate risk. The strategy is put into action through specific initiatives that align security with business goals and implement security technology into business processes. The result is an integrated, cost-effective solution that addresses the pressing needs of today's modern healthcare organization.
Assessment Services
Information
The Information Security Assessment includes an evaluation of current security processes as compared with industry standards and as required by HIPAA regulations and HITECH Law. A complete HIPAA/HITECH security evaluation is conducted to identify the potential risks, threats and vulnerabilities to the confidentiality, integrity and availability of electronic Protected Health Information (ePHI).
Network
The Network Vulnerability Assessment includes an evaluation of your network assets and identification of potential risk areas and level of regulatory compliance.
Disaster Recovery / Business Continuity
Disaster Recovery / Business Continuity Planning includes an assessment of your ability to effectively maintain information systems operation during a disaster, and your capacity for recovery of operations following a disaster. Deliverables include recommendations for improvements and development of a recover strategy.
Remediation Services
Risk Analysis and Planning
Risk Analysis and Planning includes conducting a detailed assessment of risk utilizing Phoenix's proprietary Risk Management Methodology for Healthcare Organizations (based on the NIST Security Risk Management Guide for IT Systems). Goals include identification and prioritization of risk mitigation activities and the creation of a formal Security Implementation Plan.
Training
Security, privacy, facility, disaster recovery and identity theft training is customized to meet your specific needs and can be delivered in a formal instructor-led classroom setting or via video training, or web conferencing.
Staff Augmentation
Phoenix can provide an interim Information Security Officer or other security management staff for organizations experiencing unexpected turnover or needing a quick solution to maintain stability and continuity during transition. Phoenix offers only skilled individuals with direct and successful security management experience.
Policy and Procedure Development
Phoenix can deliver a robust set of security and privacy policies and procedural documentation that are customized from our industry-standard templates or created to meet your specific needs.
Monitoring Services
Security monitoring services include providing periodic evaluations, testing, or ongoing monitoring of security activities and practices. This allows your organization to improve security controls while, at the same time, validating that these controls continue to operate as intended.
|
