CARPINTERIA, Calif., June 29 /PRNewswire/ -- Redspin, a leading provider of information security assessment services today announced a new offering for the rapidly growing Healthcare Information Exchange market sector. The Healthcare Information Exchange Security Assessment is specifically tailored for solution vendors, integrated delivery networks (IDNs), hospitals and government organizations to reduce risk and respond to security threats. The assessment is structured to comprehensively evaluate managerial, operational and technical security processes, ensure efficient regulatory compliance and build a durable security program that increases business value.
(Logo: http://photos.prnewswire.com/prnh/20100629/LA27730LOGO)
(Logo: http://www.newscom.com/cgi-bin/prnh/20100629/LA27730LOGO)
"Healthcare Information Exchange is a cornerstone of the American Recovery and Reinvestment Act (ARRA) and effective information security is a critical success factor for organizations ranging from solution vendors to State HIE's," said John Abraham, Chief Executive Officer of Redspin. "This is a complex and fast growing market that requires a focused offering to meet tough security, privacy and compliance challenges. We have worked closely with leading organizations across this sector to structure a service offering that is specifically tuned to meet their needs. We have developed a comprehensive solution that addresses key security concerns such as risk management process, operational problems such as incident response planning as well technical issues such as application security and virtualization management."
The major elements of the offering are outlined in the diagram below.
Information Security Area |
Assessment Category |
Scope |
|
Management |
|||
Governance |
Personnel security, Physical security, Policies, Procedures |
||
Risk Management |
Risk management processes |
||
Compliance and Audit |
HIPAA, HITECH Act |
||
Information Management |
ePHI management, Key management |
||
Business Associate Oversight |
Policies, Access management |
||
Operations |
|||
Incident Response |
Intrusion detection/prevention, Response planning |
||
Business Continuity |
Data backup, Disaster recovery, Business impact analysis |
||
Personnel Security |
Workforce Security and Security Awareness and Training |
||
Physical Security |
Facility Access Controls, Workstation Use, and Workstation Security |
||
Technical |
|||
Data Security |
Disposal, Encryption, Handling, Transit, Storage |
||
Network Security |
Architecture, Access control, Device management, Monitoring and event management |
||
Systems Security |
Access control, Policy review, Monitoring and event management, Virtualization management, System Hardening, Patch Management |
||
Threats to healthcare information exchanges have grown substantially in the last year due to increased focus from cyber criminals, insider threat and rapidly growing adoption. Redspin's information security assessment services enable customers to optimize their security programs and construct policy to respond appropriately. Early customers who have adopted the service have been able to respond to particular events such as regulatory audits and internal compliance requirements in an optimal fashion. Taken additively, the results of the assessment will lead to a structured security program where staffing, well defined responsibilities and effective security policies are the norm. The net result for customers has been business agility, effective security and rapid growth of the healthcare information exchange.
For additional information on Redspin's information security assessment solutions for healthcare, please visit us at: http://www.redspin.com/solutions/healthcare/
About Redspin
Redspin delivers the highest quality Information Security Assessments through technical expertise, business acumen and objectivity. Redspin customers include leading companies in areas such as healthcare, financial services, media/entertainment, retail/ecommerce and technology providers. Some of the largest communications providers and commercial banks rely upon Redspin to provide an effective managerial, operational and technical solution tailored to their business context, allowing them to reduce risk, maintain compliance and increase the value of their business unit and IT portfolios.
SOURCE Redspin
Share this article