HIPAA Security Assessments educate the healthcare providers' existing technology team to provide a complete
solution for the security of the organization's systems and data. HIPAA Security Assessments offer a complete
range of solutions to meet the HIPAA system security needs of healthcare providers.
Electronic organization and control of patient folders:
- Confidentiality - Identification/Authentication
- Integrity - Protection from modification
- Availability - Back-up/Recovery
|
Document policies and procedures required by HIPAA:
- Administrative safeguards
- Physical safeguards
- Technical safeguards
|
Security process:
- Upgrade virus protection software
- Install/Configure Firewall
- Install/Configure Intrusion Detection System
- Conduct security assessment penetration tests
|
Configuration management process:
- Establish a base line software configuration for workstations
- Standardize hardware configurations
- Configure workstations
- Establish a Change Management process
- Capture and back-up workstation images
|
Infrastructure upgrade and modifications:
- Upgrade workstations and servers
- Setup automatic software updates
- Create centralized Logon/Password procedures
- Establish process to restrict user access to
Protected Health Information (PHI)
- Set-up storage backup process
- Develop and test disaster recovery plan
|
Scheduled monthly administrative service contract for server and PC maintenance:
- Verification of Backups
- Disk Space Management
- Evaluate security of systems environment
- Maintain recoverable image(s)
- Audit for changes to infrastructure
- Check appropriate logs for potential error
|
Periodic assessment of implementation:
- Assess Backup Strategy
- Non-scheduled and Emergency support
- Support levels based on response time
|
Off-site data and workstation-image storage:
- Internet based data storage software
- Multiple layers of security
- Internal and external firewalls
- client authentication, IP filtering, intrusion detection
|
