C A S E S T U D Y

Ensuring Security & HIPAA Compliance for a Growing Healthcare Business Service Provider

Learn how Concertium helped a major healthcare consulting company comply with HIPAA requirements by conducting a comprehensive risk analysis, addressing vulnerability gaps, and strengthening overall security posture.

Download Case Study

OVERVIEW

Our customer, a reputable staffing company and Healthcare Business Service Provider, was faced the challenge of demonstrating compliance with privacy and HIPAA regulations and enforcement of proper security policies due to their access to sensitive and private patient data.

At the time this customer came to us, it had already established a reputation of a trusted healthcare consulting company with over 300 clients and 500 consultants, supporting some of the largest healthcare systems and organizations with non-clinical experts. They were expanding rapidly, offering services that range from revenue cycle management and coding to compliance and IT support.

Despite being in the midst of rapid growth, the firm struggled to keep up with the ever-changing landscape of cyber threats and compliance requirements. In particular, there was concern about the vulnerabilities within their environment that could put protected electronic health information (ePHI) at risk.

RESULTS

Concertium provided the firm with a trusted partner who not only identified the gaps in their cybersecurity and IT environment but also remediated all issues and became an extension of their team to manage their cybersecurity and IT needs going forward. With our help, the healthcare firm successfully mitigated its compliance risks, met its customers’ HIPAA requirements, and preserved its existing engagements while continuing to grow its business securely.

Because of our proactive approach to cybersecurity, we not only improved their visibility and control but it also strengthened their overall security posture against evolving threats. Additionally, Concertium continues to provide responsive 24x7x365 support to ensure that our clients remain protected and keep sensitive customer data secure.

Contact us today to learn more about how we can help your healthcare firm achieve cybersecurity and HIPAA compliance with confidence.

AT A GLANCE

CHALLENGES

Difficulty keeping up with growth
Increasing number of personal devices
Lack of resources
No end-to-end visibility
Needed access controls in place
Insufficient business continuity plan
High risk of data exposure

OBJECTIVES

Understand current risk and get guidance with path forward
Mitigate existing compliance risk with engineer support
Achieve compliance for client audit
Gain full visibility and control of devices
Strengthen security posture and resiliency
Cut cyber insurance costs

SOLUTIONS PROVIDED



Comprehensive Risk Assessment

Conducted an initial assessment of their existing infrastructure and vulnerabilities

Ongoing Vulnerability Scanning

Executed continuous scanning of systems to proactively identifyvulnerabilities



Remediation

Led the effort to replace over 400 potentially compromised personal devices



Back-up & Disaster Recovery

Established a reliable business continuity plan with improved backup and recovery



Identity & User Management

Implemented better identity, access, and user policies and controls with MFA



Security Awareness Training

Organized and launched continual security training and phishing simulation campaigns



Managed Endpoint Detection & Response (MDR)

Deployed MDR to more accurately detect, investigate, and respond to evolving threats

}

24/7 Monitoring

Ongoing monitoring, management,and maintenance of IT infrastructure