A regional hospital wanted to have a formal, yet flexible method of evaluating the business and operational risks and controls of their organization. They were seeking to evaluate and assess how technology and operational risks are managed and controlled, and to evaluate the overall risk exposure to them and their clients. Ultimately, they partnered with Drummond to have a comprehensive healthcare risk assessment to identify all their security risks.
The regional hospital team started by including their IT Security leader to be a part of the assessment to ensure alignment across the organization during the onsite assessment. Drummond’s team of highly qualified experts came onsite and worked with the cross functional team to conduct the assessment. Drummond ensured that the assessment compiled, and clarified information related to prevention and control technologies, practices, and their associated effectiveness which could reduce and/or eliminate risks. Additionally, the assessment summarized existing controls and provides recommendations for remediating any deficiencies.
The assessment focused on the highest-risk areas based on industry input and breach data analysis. Several critical risk areas were identified that were previously unknown to the regional hospital and their team. By focusing on the highest risks, the regional hospital was able to quickly remediate gaps and more effectively implement controls to mitigate the likelihood and impact of a breach of protected healthcare information. Drummond and the regional hospital team were able to provide senior management with an effective way to understand and appropriately mitigate risks to the organization with its management report. Additionally, the assessment summarized existing controls and provides recommendations for remediating any deficiencies.
Drummond encourages complementing your comprehensive healthcare risk assessment with our technical services to ensure all risks are identified. These technical services include vulnerability scanning, penetration testing, database assessments, social engineering attempts (such as physical, voice, email phishing), network security architecture assessments, and wireless assessments.
We are ready to help you incorporate continuous security and compliance practices into your organization and culture. Experience our team of highly skilled experts ready to collaborate with you and your team. Increase trust, gain expertise and experience our unique approach and attention to detail as we partner with you to achieve compliance, application conformance and protect your business with advanced cyber-security practices.