HIPAA Compliance Package An all-in-one bundle designed to help you reach compliance.
Any organization maintaining or transmitting Electronic Protected Health Information (ePHI) must comply with HIPAA/HITECH regulations. This assessment package is designed to determine your compliance posture and help you meet the requirements where gaps exist.
Our package includes:
HIPAA/HITECH Gap Analysis – This assessment involves a comprehensive audit on all the ways electronic protected health information (ePHI) is stored, processed, or transmitted on your network. A HIPAA/HITECH Gap Analysis will be a complete audit of your organization’s:
- Physical safeguards
- Administrative controls
- Technical controls
- Security policies and procedures
- Organizational requirements
- Breach notification & incident response
Risk Assessment – A formal risk assessment evaluates the threats to your organization, the vulnerabilities of your network, and the security controls you have in place to protect your network. A risk assessment correlates information from your security assessments and evaluates the overall risk to your organization to help drive strategic decisions.
Policy Development – Comprehensive security policies written by security professionals. Our policies are designed to meet your compliance needs while optimizing your business requirements. Some of the policies we can help with include:
- Access Control Policy
- Acceptable Use
- Disaster Recovery Plan
- Password Policy
- Incident Response Plan
Security Awareness Training – Our training avoids the pitfalls of normal, generic security awareness training that puts employees to sleep. We do this by incorporating details from our experience and previous assessments that demonstrate the ramifications of employee actions to both their privacy and the organization as a whole. Our security awareness training will educate your employees to:
- Identify common indicators of an attack
- Understand ways to protect themselves
- Recognize the bypass of security controls
- Report potential incidents
External Penetration Test – An external penetration test emulates an attacker trying to break into your network from the outside. The goal of the engineer performing this assessment is to breach the perimeter and prove they have internal network access. This test includes:
- Open source reconnaissance against the organization
- Full port scan covering all TCP ports and the top 1,000 UDP ports of the targets in scope
- Full vulnerability scan of the targets
- Manual and automated exploit attempts
- Password attacks
Why Triaxiom Security
We partner with you to give you the information you need to defend against today’s threats.