Redspin Introduces New Service Offering for the Healthcare Market

Service helps build durable security programs in the rapidly growing Healthcare Information Exchange (HIE) market sector

Jun 29, 2010, 10:30 ET from Redspin

CARPINTERIA, Calif., June 29 /PRNewswire/ -- Redspin, a leading provider of information security assessment services today announced a new offering for the rapidly growing Healthcare Information Exchange market sector.  The Healthcare Information Exchange Security Assessment is specifically tailored for solution vendors, integrated delivery networks (IDNs), hospitals and government organizations to reduce risk and respond to security threats. The assessment is structured to comprehensively evaluate managerial, operational and technical security processes, ensure efficient regulatory compliance and build a durable security program that increases business value.



"Healthcare Information Exchange is a cornerstone of the American Recovery and Reinvestment Act (ARRA) and effective information security is a critical success factor for organizations ranging from solution vendors to State HIE's," said John Abraham, Chief Executive Officer of Redspin.  "This is a complex and fast growing market that requires a focused offering to meet tough security, privacy and compliance challenges.  We have worked closely with leading organizations across this sector to structure a service offering that is specifically tuned to meet their needs.  We have developed a comprehensive solution that addresses key security concerns such as risk management process, operational problems such as incident response planning as well technical issues such as application security and virtualization management."

The major elements of the offering are outlined in the diagram below.

Information Security Area

Assessment Category




Personnel security, Physical security, Policies, Procedures

Risk Management

Risk management processes

Compliance and Audit


Information Management

ePHI management, Key management

Business Associate Oversight

Policies, Access management


Incident Response

Intrusion detection/prevention, Response planning

Business Continuity

Data backup, Disaster recovery, Business impact analysis

Personnel Security

Workforce Security and Security Awareness and Training

Physical Security

Facility Access Controls, Workstation Use, and Workstation Security


Data Security

Disposal, Encryption, Handling, Transit, Storage

Network Security

Architecture, Access control, Device management, Monitoring and event management

Systems Security

Access control, Policy review, Monitoring and event management, Virtualization management, System Hardening, Patch Management

Threats to healthcare information exchanges have grown substantially in the last year due to increased focus from cyber criminals, insider threat and rapidly growing adoption.  Redspin's information security assessment services enable customers to optimize their security programs and construct policy to respond appropriately. Early customers who have adopted the service have been able to respond to particular events such as regulatory audits and internal compliance requirements in an optimal fashion. Taken additively, the results of the assessment will lead to a structured security program where staffing, well defined responsibilities and effective security policies are the norm. The net result for customers has been business agility, effective security and rapid growth of the healthcare information exchange.

For additional information on Redspin's information security assessment solutions for healthcare, please visit us at:

About Redspin

Redspin delivers the highest quality Information Security Assessments through technical expertise, business acumen and objectivity. Redspin customers include leading companies in areas such as healthcare, financial services, media/entertainment, retail/ecommerce and technology providers. Some of the largest communications providers and commercial banks rely upon Redspin to provide an effective managerial, operational and technical solution tailored to their business context, allowing them to reduce risk, maintain compliance and increase the value of their business unit and IT portfolios.

SOURCE Redspin