How to Order
Warranty
Contacts

 

DIR Customers
Click Here

 

Professional Services

HIPAA Compliancy Assessment

“Protection of electronic protected health information is essential.”

The HIPAA Compliancy Assessment Service from Future Com Professional Services provides an analysis of security controls in the areas of people, process, and technology.

Companies are faced with challenges to reduce risk and implement adequate security controls. The following list is a sample of challenges that impact companies:

• Meet applicable compliance requirements and data privacy regulations
• Ensure confidentiality, integrity and availability of electronic protected health information (EPHI), information
• Reduce risk using current security controls
• Protect branding and stakeholder interest
• Instill customer confidence in protecting their personal & financial data
• Perform due diligence (e.g., to avoid penalties and liabilities)

Future Com will help companies protect EPHI, regardless of where it is stored, viewed, and how it is transported. In addition, the HIPAA Compliancy Assessment provides a HIPAA analysis of security controls in the areas of:

• Security Management
• Process Policies and Procedures
• Assigned Security Responsibility
• Information Access Management
• Security Awareness and Training
• Security Incident Procedures
• Contingency Plan
• Evaluation
• Third-Parties
• Facility Access Controls
• Workstation Use and Security
• Device and Media Controls
• Access Control
• Audit Controls
• Integrity
• Authentication
• Transmission Security

The objectives of the HIPAA Compliancy Assessment include but are not limited to the following:

• Conduct a risk assessment enterprise-wide to assess the security posture
• Identify areas for improvement and provide advice and recommended direction on appropriate actions to mitigate risks and address potential consequences of a loss of confidentiality, integrity, and/or availability of information and technology assets
• Determine the appropriateness and effectiveness of current information security policies & controls
• Formulate a baseline of measurement derived from regulations (e.g., HIPAA), standards such as NIST (National Institute of Standards and Technology), ISO 27001/27002, CobiT, etc, IT governance objectives, and regulatory requirements for the safeguarding of information

Being in the industry for over fifteen years, Future Com recognizes the challenges faced by today’s IT and compliance managers and administrators and the need for proper evaluation of security controls which may include product implementation and tuning. Too often companies spend a great deal of money on equipment that is installed and configured utilizing basic features and evolved network architectures. With certified network engineers, Future Com can address these issues through professional services that help reduce the risk, improve security controls, and ensure correct deployment, tuning and knowledge transfer. IT administrators live in a “Perception is Fact” world and when companies spend money on solutions that is what they expect…. solutions, not equipment. Future Com is ready to help you maximize resource utilization, simplify your operation and improve network security.

Example Scope of Engagement

Future Com will provide this service for up to 3 week(s) of onsite service for the assessment and a follow up meeting for presentation of analysis and recommendations.

Tasks

Future Com’s Security Technical Analyst(s) will work with your executives, IT and IS staff, and business units to assess the current security health of the implemented security controls and to make best practices recommendations for security improvements including HIPAA specific requirements. This engagement will consist of the following:

1. Discover security controls in the current environment
   1. Identify risks, threats, and vulnerabilities
   2. Complete HIPAA questionnaire
2. Review current security controls environment
   1. Verify current environment
   2. Complete HIPAA Compliancy Assessment Matrix
3. Recommend improvements
   1. Create action plans to remediate identified risks
   2. Provide additional options to mitigate controls

Deliverables

HIPAA Questionnaire
HIPAA Compliancy Assessment and Recommendation Report

Professional Services Ordering Information
FCS-PROFSVCS-HIPAA-21

Additional Related Future Com Professional Services offerings:

PCI Compliancy Assessment
SOx Readiness Compliancy Assessment
Network Optimization Assessment
McAfee ePolicy Orchestrator Audit