"> Comprehensive Healthcare Risk Assessment CHRA – Drummond Group

Comprehensive Healthcare Risk Assessment (CHRA)

  • CASE STUDY

    A regional hospital mitigates risks with Drummond

Drummond comprehensive healthcare risk assessment is a formal, detailed, yet flexible method of evaluating the business and operational risks and controls of an organization.

This provides senior management with an effective way to understand and appropriately mitigate risks to the organization with associated executive and line management reports. Its objectives are to evaluate and determine compliance with HIPAA, to assess how technology and operational risks are managed and controlled, and to evaluate the overall risk exposure to the company and its customers. It compiles and clarifies information related to prevention and control technologies, practices, and their associated effectiveness which could reduce and/or eliminate risks.

Additionally, this assessment summarizes existing controls and provides recommendations for remediating any deficiencies. Drummond encourages complementing your comprehensive healthcare risk assessment with our technical services to ensure all risks are identified. These technical services include vulnerability scanning, penetration testing, database assessments, social engineering attempts (such as physical, voice, email phishing), network security architecture assessments, and wireless assessments.

Increase trust, gain expertise and experience our proven approach and attention to detail with a security first approach with our CHRA and these services:

Small Practice Healthcare Risk Assessment

Drummond leverages the requirements set forth in the HIPAA Security Rule in conducting information security risk assessments, as well as those processes found in NIST 800-30. This assessment focuses on the highest-risk areas to healthcare organizations based on industry input and breach data analysis. By focusing on the highest risks, healthcare organizations can quickly identify gaps and more effectively implement controls to mitigate the likelihood and impact of a breach of PHI.

HIPAA Gap Assessment

Drummond’s HIPAA Assessment helps organizations assess their current security control implementations against the HIPAA Security Rule to identify potential gaps in compliance with respect to the confidentiality, integrity, and availability of protected health information (PHI). For this assessment, HIPAA requirements are focused on Administrative Safeguards, Physical Safeguards, Technical Safeguards, Organization Requirements, Policies and Procedures, and Documentation Requirements. The report details the information gathered from Drummond’s review of the information technology environment, identifies gaps in the areas assessed, and provides recommendations for improvement.

Policy and Procedure Review

Drummond can assist your organization by providing a complete review of HIPAA policies and procedures to ensure you are compliant with the Security Rule and identify any potential gaps in compliance. Additionally, Drummond offers a Policy and Procedure template that we can assist with getting implemented in your operating environment to help ensure HIPAA compliance is met.

HIPAA Subject Matter Expert (SME)

Drummond can assist your organization by providing a complete review of HIPAA policies and procedures to ensure you are compliant with the Security Rule and identify any potential gaps in compliance. Additionally, Drummond offers a Policy and Procedure template that we can assist with getting implemented in your operating environment to help ensure that HIPAA compliance is met.

The People of Drummond are here to help!

Privacy Preferences

When you visit our website, it may store information through your browser from specific services, usually in the form of cookies. Here you can change your Privacy preferences. It is worth noting that blocking some types of cookies may impact your experience on our website and the services we are able to offer.

Click to enable/disable Google Analytics tracking code.
Click to enable/disable Google Fonts.
Click to enable/disable Google Maps.
Click to enable/disable video embeds.
Our website uses cookies, some from third-party services. Define your Privacy Preferences and/or agree to our use of cookies.