CareTech Solutions Logo
banner image

Information Security

Information Security and Risk Assessment

CareTech Solutions helps you understand and comply with the requirements of the 2003 HIPAA Security Rule in order to develop a comprehensive, effective information security program.

Avoid penalties for security violations and lack of compliance

Fines can reach as much as $1.5 million per violation – but CareTech focuses your compliance effort on taking a risk-based approach to information security by offering you a thorough risk assessment.

Develop a cost-effective risk management plan

Of course you need comprehensive information security coverage to meet regulatory requirements and reduce your security risks, but it must also be cost-effective. CareTech assists you in developing a risk management plan that fits your budget.

Work with our certified, experienced information security professionals

In recent years CareTech has invested in specialized training and credentials for a team of experienced information security professionals, who are always available to you. They have well-respected industry certifications including:

  • Certified Information Systems Security Professional (CISSP)
  • Certified Hacking Forensic Investigator (CHFI)
  • GIAC Web Application Penetration Tester (GWAPT)
  • Certified HIPAA Professional (CHP)
  • Certified Security Compliance Specialist (CSCS)
  • And many others

A thorough risk assessment includes at least the following elements:
  • Identify or establish a Security Governance Committee
  • Form a core risk-assessment project team
  • Develop and communicate a project plan
  • Evaluate compliance with the HIPAA security rule
  • Evaluate organizational policies, procedures, training, practices, etc.
  • Evaluate department-specific practices and risks {for each department with access to electronic Protected Health Information (ePHI)}
  • Evaluate application security risks (for each application with ePHI)
  • Perform a technical assessment
    • Evaluate key technical security practices
    • Vulnerability scan of all equipment
    • Wireless assessment
    • Web application assessment
  • Present findings and recommendations to the Security Governance Committee
  • Develop a risk management plan
  • Implement the risk management plan

  • Watch a Video

  • Getting to Meaningful Use, Mark Herzog, President and CEO, Holy Family Memorial

  • See More
  • Best in KLAS 2013

  • CareTech voted industry's best hospital IT outsourcing company for 6th straight year

  • Read More
  • Customer Insight to Strategic Considerations

  • San Luis Valley Regional Medical Center

  • Read More