INFORMATION SECURITY & PRIVACY CONSULTING FOR THE HEALTHCARE INDUSTRY
The Marblehead Group, Inc. is dedicated to privacy and information security, particularly in the healthcare industry where compliance is mandated. We specialize in helping clients understand the real intent of the HIPAA rules and government expectations, and then helping them to comply. We work with clients to identify, assess, and mitigate their privacy and security risks to meet reasonable due diligence and regulatory compliance.
The Marblehead Group has been an expert security and privacy consultancy to the healthcare industry since 1999. Our client list covers the full spectrum of the industry including:
• integrated healthcare delivery systems
• academic medical centers
• community hospitals
• small provider groups
• government agencies
• health plans
• business associates such as software vendors
• healthcare professional associations
The unique qualifications of founder Kate Borten, CISSP, CISM, and our exclusive focus on healthcare security and privacy mean that our clients get the best.
Security rule compliance tips
- Include the administrative and physical components of security - not just the technical aspects - in your risk analysis.
- Put your information security officer (ISO) in a reporting relationship with necessary authority to carry out the security mission. For example, have the ISO report to both your CIO and CEO.
- Document other security roles and their responsibilities, such as your information owners. Train personnel in these roles, and hold them accountable.