Our industry-experienced healthcare compliance team will give you an objective view of potential risks and vulnerabilities to patient information, and we will ensure that your security, privacy, and compliance goals align with business goals and ultimately mitigate risk.
Top HIPAA/HITECH Assessor
We have performed 200+ assessments, which makes us a top performer in the industry. Our experience lessens the time and money you must expend for certification. All of our HIPAA and HITECH assessors are HITRUST certified, so they can gather evidence once, and help your company build the processes necessary to get from HIPAA to HITRUST.
Exclusive Engagement Methodology
We developed the Drummond Compliance System (DCS) to expedite the pre-assessment phase and evidence collection process to get your organization HIPAA/HITECH Certified as quickly and inexpensively as possible. Our clients have told us that they’ve saved as much as 50% in labor costs using our automation and engagement methodology.
No Jerks Policy
Let’s face it, auditors can be pretty dry. Why not work with people that are personable? You are going to be working with your HIPAA/HITECH Assessor for quite a while. Our people are pleasant to work with, and have a good sense of humor; just ask our references.
Comprehensive Healthcare Risk Assessment
Drummond comprehensive healthcare risk assessment is a formal, detailed, yet flexible method of evaluating the business and operational risks and controls of an organization. This important service provides senior management with an effective way to understand and appropriately mitigate risks to the organization with associated executive and line management reports. Its objectives are to evaluate and determine compliance with HIPAA, to assess how technology and operational risks are managed and controlled, and to evaluate the overall risk exposure to the company and its customers. It compiles and clarifies information related to prevention and control technologies, practices, and their associated effectiveness which could reduce and/or eliminate risks. Additionally, this assessment summarizes existing controls and provides recommendations for remediating any deficiencies. Drummond encourages complementing your comprehensive healthcare risk assessment with our technical services to ensure all risks are identified. These technical services include vulnerability scanning, penetration testing, database assessments, social engineering attempts (such as physical, voice, email phishing), network security architecture assessments, and wireless assessments.