
7/27/2010
02:30 PM
Dark Reading
Products and Releases

Redspin Delivers Expanded HIPAA Security Assessment Service For Healthcare Providers

Redspin's HIPAA security assessment service helps healthcare providers answer fundamental questions regarding their information security, privacy and compliance programs

CARPINTERIA, Calif., July 27 /PRNewswire/ -- Redspin, a leading provider of information security assessment services, today announced an additional HIPAA security assessment service offering for the healthcare industry segment. The service offering directly addresses requirements of the HIPAA Security Rule and HITECH Act through a risk-based approach that identifies gaps between the IT environment and HIPAA Security Rule requirements.

"Hospitals and IDNs are faced with a challenging task as they must maintain an effective security program to protect patient data, seek efficient mechanisms to meet the security and privacy requirements of the final meaningful use rule and remain consistently compliant with HIPAA regulations," said John Abraham, Chief Executive Officer of Redspin. "The HIPAA security assessment service offers healthcare providers significant advantages in two critical areas - reducing liability and providing the security foundation to enable business efficiency as organizations seek higher patient throughput, increased quality of care, lower administrative costs, and faster revenue collection."

As of July 22, the official federal list of major healthcare information security breaches included 119 incidents affecting almost 5 million Americans. Redspin's HIPAA security assessment service helps healthcare providers answer fundamental questions regarding their information security, privacy and compliance programs including the following areas:

-- Are we in compliance with the HIPAA Security Rule?
-- Do we have a high risk of data breach of ePHI?
-- Can a cyber criminal access our internal data/systems from the Internet?
-- Are sufficient controls in place to prevent insider or business associate data theft?
-- Where should we focus our resources to protect ourselves from a data breach?
-- Is the equipment we've purchased being used effectively?

The assessment service provides a comprehensive review of a healthcare provider's infrastructure, security processes, policies and procedures. The primary deliverable is a gap analysis against the standards defined in the Security Rule of the administrative provisions set forth in Title II of the HIPAA regulatory requirements. The service also includes benchmarks to compare information security program effectiveness with others in the industry, as well as recommended actions to meet meaningful use goals and measures as outlined in the final rule.

About Redspin

Redspin delivers the highest quality Information Security Assessments through technical expertise, business acumen and objectivity. Redspin customers include leading companies in areas such as health care, financial services, media/entertainment, retail and technology providers. Some of the largest communications providers and commercial banks rely upon Redspin to provide an effective managerial, operational and technical solution tailored to their business context, allowing them to reduce risk, maintain compliance and increase the value of their business unit and IT portfolios.
