|
|
|
Services |
EDUCATION
RISK ASSESSMENT
PROJECT MANAGEMENT
IMPLEMENTATION
COMPLIANCE EVALUATION
|
| |
|
|
Learn
what you need to know to become compliant. Instead of
just restating the federal rules, THE MARBLEHEAD GROUP walks
your organization through them and teaches you what they really
mean. We read between the lines and help you relate
the rules to your own organization's practices. In that
way, you can clearly see the issues and the impact.
Get
the foundation you need for successful HIPAA compliance by
learning the difference between privacy and security, discovering
what industry expectations and international security standards
are, and what common privacy and security terms mean.
|
| |
Peter
Drucker said, "If you can't measure it, you can't manage it."
Organizations need to see the whole picture of work to be
done before plunging ahead and suffering tunnel vision.
A solid plan lets you prioritize, schedule resources, and
track progress to completion - with confidence that you'll
make your deadlines.
So
how do you get a plan like that? THE MARBLEHEAD GROUP
performs privacy and security risk assessments (with a gap
analysis) for its clients, which form the basis of a workplan.
This will show you where your organization is deficient
- both in terms of containment of threats and vulnerabilities
to protected information, and in terms of compliance with
regulatory requirements. Those deficiencies become the
target of the tasks comprising your workplan.
|
|
THE
MARBLEHEAD GROUP helps organizations define new roles and
responsibilities to prepare you to address the project workplan.
We will develop the project workplan or assist you
in that effort. We provide project management expertise to
keep everyone on track. We provide HIPAA and healthcare
expertise to clarify HIPAA intent at a detailed level.
And we use our extensive background in this niche to help
you identify cost-effective, efficient, and compliant solutions.
|
|
THE
MARBLEHEAD GROUP provides guidance to your staff, or directly
performs tasks on your workplan if you choose. We do
this in such areas as development of policies, forms, procedures,
technical standards, and security RFPs if you are considering
new systems. Our services can also include preparing
your workforce education strategies and content, and providing
training.
|
|
HIPAA's
security rule requires periodic evaluations - or compliance
audits - of your security program. This is not just necessary
for regulatory compliance, but it is also good business practice
to ensure your investment in security is fruitful. A compliance
audit is an opportunity to formally evaluate the effectiveness
of your security controls. THE MARBLEHEAD GROUP examines
your current security posture and compares it to your policies
and standards, as well as to regulatory requirements and international
information security best practices. We bring an objective
and expert perspective to confirm your program's strengths.
And we identify weaknesses so your organization can address
them before they lead to problems. |
| |
|
| |
|
|
