Inventory

Inventory all technology assets in your organization: Hardware - Software - Devices.

Consider whether or not the asset processes ePHI.

• Hardware, Software, Devices and processes that handle ePHI
• How is data created, received, processed, or transmitted that contains ePHI
• The assets may be used in an operational or administrative capacity
• Any software or computer program which processes, transmits or stores ePHI
• We can help you identify a wide range of hardware and processes to include in the assessment

Identify

Identify Threats, Vulnerabilities and their impact on your ePHI.

• Identify realistic threats and potential vulnerabilities
• Vulnerability Scans and Penetration Testing are utilized
• Assess current security controls and safeguards
• Assess probability of a threat attacking your ePHI intentionally or unintentionally
• Determine the likelihood and impact of a threat exploiting a vulnerability

Improve

Improve the policies, procedures and safeguards that process and protect your ePHI and control access to it.

• Draft and update policies to improve data safeguards and security control enforcement
• Prioritize improvements to address safeguards that are required
• Prioritize improvements to correct vulnerabilities that are most pressing within the current availability of resources
• Prevention is the opportunity for your organization to consider and document any additional measures you wish to take to address and reduce risk
• We help you manage your need -vs- budget condsiderations to then implement "reasonable and appropriate improvements"