HIPAA Solutions Overview
ACT leverages years of experience in the healthcare and IT security industry to partner with our clients in developing secure HIPAA compliant business processes and maintaining strong security controls. ACT has devised a phased approach to effectively address all aspects of client’s HIPAA security requirements. We apply proven, leading-edge methodologies to address our client’s unique business objectives by applying our subject-matter expertise to work alongside our clients as a strategic security partner throughout the business relationship. ACT’s goal is to be your chosen security partner in developing and executing on a “compliance roadmap” that meets your organization business needs.
Compliance Assessments
Whether validating an established security program or starting a new security program, EVERYONE can benefit from an unbiased and thorough compliance assessment.
Many businesses today rely on internal self assessments then find out to late that the security they thought was in place did not meet their business needs. CMS has announced that it will conduct HIPAA compliance audits in approximately 20 hospitals in 2008. Are you sure you are ready?
ACT’s security consultants have years in the healthcare and security field. We know the special needs of the healthcare industry and how to bring the most value to your business.
The goal of ACT’s Compliance Assessment is to provide our Clients with a comprehensive and accurate report of their current security posture, together with detailed technical information needed to improve system security and controls. To this end ACT offers an expanded approach to Security Vulnerability Assessments that provides maximum enterprise coverage and technical accuracy.
The traditional approach to vulnerability assessments focuses on conducting tests that simulate a real-world attacker using a mired of tools and techniques to “break into” the corporate network from either the internet or from within the internal network. Penetration Tests are usually “blind” tests with little knowledge of the network, applications or operating systems. The goal of a penetration test is to find a security hole in the Clients systems or applications and exploit the security vulnerability in order to gain administrative access and control of systems. Although this approach is very effective at identifying a security hole or path into the network, it does not identify ALL security vulnerabilities.
ACT believes that in order to comprehensively assess a client’s security posture and identify all security risks with the least amount of “False Positives” the vulnerability assessment should be conducted with knowledge of the network and access to systems being tested. ACT Vulnerability Assessment methodology utilizes various tools and techniques that authenticate to systems so that the existence of security threats and vulnerabilities can be validated and confirmed by reviewing each individual system’s current policy settings, configurations, installed software and security patches and updates against applicable known security vulnerabilities. This approach provides a greater view into each system, and allows ACT to produce an array of reports that measure systems against corporate policies and standards.
Some of the areas evaluated during the assessment:
-
Network Design
-
Network Systems – firewalls, routers, switches, VPN concentrators
-
Internal Systems – servers, workstations, printers, SAN, UPS
-
Wireless Network
-
Policies & Procedures
-
Application Security
-
Active Directory and Applications Accounts
Let ACT bring our
proven client satisfaction record to
your business. Call
703-891-4334 x853 for more information or send an email to healthcare@actnow.com and we will contact you.
Desktop Systems
Anti-Virus