ePHI Infrastructure Privacy & Security Assessment Service

When private electronic health records (EHR) are breached, healthcare service providers suffer damage to their brand, reputation, loss of trust from their patients, and severe financial repercussions.

  • HIPAA privacy and security law’s mandate that appropriate administrative, technical, and physical safeguards be used to protect the privacy and security of sensitive health information.
  • The Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009 as part of the American Recovery and Reinvestment Act (ARRA) clarifies and supplements HIPAA requirements, particularly by raising the financial penalties incurred by covered entities and their business partners that violate the HIPAA Privacy and Security Rules.
  • Both HIPAA and the HITECH Act are enforced by the U.S. Department of Health and Human Services Office of Civil Rights (HHS OCR).

Bridge Consulting “ePHI Infrastructure Privacy & Security Assessment Service (IPSA)” provides an innovative and comprehensive snap-shot of healthcare organizations health information technology (HIT) Infrastructure vulnerability and privacy and security concerns. The IPSA is delivered as a personalized responsive consulting service utilizing proven assessment techniques and state-of-the-art Software as a Service (SaaS) technology tools. IPSA is deployed by experienced consultants and a zero technology foot print in your environment. IPSA is seamlessly scalable to fit hospitals, clinics, private medical practices, health diagnostics providers, and home healthcare provider environments of any size.

The IPSA service is provided as a one-time assessment to identify privacy and security risk, assist in HIPAA and HITECH Act audit reporting, and to develop an ePHI infrastructure improvement plan. Or, segments of the service can be contracted as an on-going “managed service”.

Vulnerability Scan Report Summary Example:

 

IPSA Assessment Process

Discovery

  • Identification of ePHI Network and System components
  • Vulnerability Scan Snap-Shot
  • Assessment Questionnaire
    • Network and System Identity Authentication Review
    • Service Management Review
      • Incident, Problem, Configuration, Change, and Security Management
  • HIPAA & HITECH Act Policy Review
  • ePHI Infrastructure Business Process Management Review

Assessment and Recommendations Development

  • Discovery data analysis and assessment
  • Report and Recommendation Generation

Assessment Report and Presentation

  • Privacy and Security Vulnerability Risk Report
  • Recommendations for vulnerability remediation
  • Privacy & Security Infrastructure Improvement Plan

Learn more about our ASSESSMENT METHODOLOGY HERE...
created by paul thomas designs