The Health Insurance Portability and Accountability Act (HIPAA) is designed to protect patient records by governing their use and disclosure. The Covered Entities that are required to comply with the Act must adhere to both the Privacy Rule and the Security Rule. Failure to comply with these rules can result in fines and, for more serious violations, even prison sentences.

Nettitude provides services to help the following types of healthcare organizations:
- Health Care Providers
- Health Plans
- Health Care Clearinghouses
As part of the Security Rule, organizations need to ensure that they have appropriate administrative, physical and technical safeguards in place to protect the confidentiality, integrity and security of electronic Protected Health Information (PHI). Nettitude can provide services and solutions that assist with all of these requirements. In particular, Nettitude’s testing and auditing services can help organizations to address the following:
- Provide strong access controls: Nettitude’s Penetration Testing can help an organization assess the quality of its access controls. Do the policies and procedures work? Does the firewalling work effectively? Do the application access controls achieve the intended objectives? Is it possible to bypass the access controls and gain access to PHI?
- Assess the organization’s auditing controls: If unauthorized users attempt to gain access to PHI, is there appropriate logging and auditing? Is it possible for an intruder to bypass the audit trail, or even delete the audit trail? Nettitude’s Penetration Testing can assess all of these concerns, whilst providing strong guidance on how audit controls can be optimized.
- Data integrity: Can the data be modified? Can data integrity be compromised? Nettitude’s Penetration Testing services can assess whether users can manipulate their user IDs to gain access to unauthorized or privileged information.
- Transmission Security: Nettitude’s testing services can identify whether unauthorized users can gain access to sensitive PHI through the Internet and through other public networks such as Wi-Fi or 3G/4G.
Nettitude is able to offer advice and guidance to all sizes of organizations that are required to comply with HIPAA. Our team of security experts understands the best ways to test for security vulnerabilities that could result in a breach of PHI, whilst providing proactive advice and guidance on how to manage your risks moving forward.
To find out more about how Nettitude can help you comply with HIPAA, please complete our contact form and a security consultant will respond to your enquiry.