There are three things that a health care organization should do immediately to avoid a data breach. They are:
- Execute Advanced Penetration Testing. An advanced external penetration test is a strategic way to identify weaknesses in network and application security, just as a hacker would.
- Perform a Formal Risk Assessment. How will you know if you’re doing enough until you systematically identify the appropriate risks? An organized, written risk assessment will identify what you need to be doing and what you don’t need to be doing. The old adage is true: first make the plan, then work the plan.
- Complete an Assessment of All Regulatory Requirements for HIPAA. Perform a gap analysis against the HIPAA standards to see where you need remediation to strengthen your information security.
Do you need help? We work on these issues all of the time and with multiple clients. Contact us before it’s too late.
Laurie Head is a co-owner of AIS Network.