We provide a highly qualified, independent, and experienced lens on cybersecurity and vendor controls, including a collaborative look at your IT / Managed Service Provider (MSP) monitoring control processes, using our proprietary risk assessment tool, which is based on the National Institute of Standards & Technology (NIST) Cybersecurity Framework. For HIPAA, this is also mapped to HIPAA Implementation Specifications as well to cover your annual security risk assessment requirement.

We are heavily credentialed and bring over a decade of international IT security & IT audit / compliance experience, coupled with 7 years as Audit & Compliance Officer in national healthcare and 4 years of IT security leadership in Top Ten Accounting Firms, to ensure your customer and patient data, reputation, and operations are secure.

The cost makes sense. Pricing and a detailed proposal follows our complimentary preliminary scoping risk assessment. We are here especially to serve physician practices, healthcare business partners, large health systems, accounting and law firms, and Registered Investment Advisors (RIA’s) with cybersecurity and privacy compliance.

We don’t just ask if your controls are in place, we verify them, working collaboratively with your IT team / MSP to ensure best practice and effective security is in place. Our recommendations often result in little or no incremental cost to the client, because we know how to right-size controls with your IT Managed Service Provider and ensure you are protected.

We also inventory and review required components of critical vendor Business Associate Agreements, Managed Service Agreements, and Service Organization Control (SOC 2) reports to ensure you are protected with your vendors and teaming partners, in compliance, and there is clear understanding and assignment of responsibility.

We listen to your interests and plans so that our control solutions map to your objectives, and so that delivery is efficient and collaborative. Our tool is scalable to your operations and we have deep experience with effective, right-sized security controls and information privacy regulatory compliance such as HIPAA.

For physician practices, our methodology includes your Annual HIPAA Privacy and Physical Security Assessment.

We offer onsite and online HIPAA and Cybersecurity Awareness Training for your team to satisfy your annual requirements and provide a more effective, personalized training experience.

We can also help with efficient and effective policies and procedures mapped to the NIST Cybersecurity Framework and HIPAA Implementation Specifications.

It makes sense to have us take a look, and we are here to help!