CASE STUDY

Ensuring Security & HIPAA Compliance for a Growing Healthcare Business Service Provider

Learn how Concertium helped a major healthcare consulting company comply with HIPAA requirements by conducting a comprehensive risk analysis, addressing vulnerability gaps, and strengthening overall security posture. 

OVERVIEW

Our customer, a reputable staffing company and Healthcare Business Service Provider, faced the challenge of demonstrating compliance with privacy and HIPAA regulations and enforcing proper security policies, because of its access to sensitive and private patient data.

At the time this customer came to us, it had already established a reputation as a trusted healthcare consulting company with over 300 clients and 500 consultants, supporting some of the largest healthcare systems and organizations with non-clinical experts. They were expanding rapidly, offering services that range from revenue cycle management and coding to compliance and IT support.

Despite being in the midst of rapid growth, the firm struggled to keep up with the ever-changing landscape of cyber threats and compliance requirements. In particular, there was concern about the vulnerabilities within their environment that could put electronic protected health information (ePHI) at risk.

RESULTS

Concertium provided the firm with a trusted partner who not only identified the gaps in their cybersecurity and IT environment but also remediated all issues and became an extension of their team to manage their cybersecurity and IT needs going forward. With our help, the healthcare firm successfully mitigated its compliance risks, met its customers’ HIPAA requirements, and preserved its existing engagements while continuing to grow its business securely.

 

Our proactive approach to cybersecurity not only improved their visibility and control but also strengthened their overall security posture against evolving threats. Additionally, Concertium continues to provide responsive 24x7x365 support to ensure that our clients remain protected and keep sensitive customer data secure.

Contact us today to learn more about how we can help your healthcare firm achieve cybersecurity and HIPAA compliance with confidence.

AT A GLANCE

CHALLENGES

  • Difficulty keeping up with growth
  • Increasing number of personal devices
  • Lack of resources
  • No end-to-end visibility
  • Needed access controls in place
  • Insufficient business continuity plan
  • High risk of data exposure

OBJECTIVES

  • Understand current risk and get guidance with path forward
  • Mitigate existing compliance risk with engineer support
  • Achieve compliance for client audit
  • Gain full visibility and control of devices
  • Strengthen security posture and resiliency
  • Cut cyber insurance costs

SOLUTIONS PROVIDED

Comprehensive Risk Assessment

Conducted an initial assessment of their existing infrastructure and vulnerabilities

Ongoing Vulnerability Scanning

Executed continuous scanning of systems to proactively identify vulnerabilities

Remediation

Led the effort to replace over 400 potentially compromised personal devices

Back-up & Disaster Recovery

Established a reliable business continuity plan with improved backup and recovery

Identity & User Management

Implemented better identity, access, and user policies and controls with MFA

Security Awareness Training

Organized and launched continual security training and phishing simulation campaigns

Managed Endpoint Detection & Response (MDR)

Deployed MDR to more accurately detect, investigate, and respond to evolving threats

24/7 Monitoring

Ongoing monitoring, management, and maintenance of IT infrastructure
