Sales and General
Toll Free: 1-866-733-8735
Most healthcare organizations are aware that regular Security Risk Assessments (SRAs) are no longer optional; instead, they are required and stringently enforced. HIPAA Privacy and Security Rules require organizations that handle health information to routinely review the administrative, physical, and technical safeguards they have in place to protect the security of patient health information (PHI). SRAs are also a mandatory requirement for providers seeking payment through the Medicare and Medicaid EHR Incentive Program, commonly known as the Meaningful Use Program.
Although conducting regular SRAs may seem to be a hassle, the cost of failing to conduct them and remediate risks is much worse. Penalties can include millions of dollars in fines, civil and criminal litigation, restitution, and damage to institutional and professional reputations.
The good news is Fortress Networks makes it painless and simple. Fortress Networks’ expert Information Security team has conducted and successfully delivered thousands of security risk assessments to healthcare organizations of all sizes and types. Our comprehensive process provides you with a clear, unbiased analysis of your organizations compliance to all 20 Security Standards and more than 60 Safeguard Criteria.
Each security risk assessment provides both non-technical and technical remediation steps so that both executive and technical teams can understand the risk and appropriate remediation steps for their size organization. In addition, all completed SRA’s fully satisfy the ONC’s Meaningful Use CORE criteria audit requirements.
Essential Components
Fortress Networks security risk assessments include a complete examination of these essentials:
Common Areas of Assessment
Fortress Networks’ approach is a focused risk management framework based on HITRUST standards and the Common Security Framework. Major security and privacy domains include:
Fortress Networks provides a comprehensive, audit-ready report with findings and recommendations that includes detailed vulnerabilities and remediation recommendations. Remediation may include outsourcing disaster recovery, backup and restore processes, information hosting, and perimeter testing through a HIPAA-compliant, cloud-based infrastructure. With this option both IT and security burdens are offloaded to seasoned experts.
For more information on Fortress Networks’ Security Risk Assessment or to receive a free no-obligation quote, please contact us online or call 1-866-733-8735.