Security, Privacy & Compliance Services

Security, Privacy & Compliance Services

Industry-leading expertise to help you build resiliency
Talk to an expert
iStock 1346223165.sec
BIK SPC 2023

Impact Advisors Earns Best in KLAS: Security & Privacy Consulting Services for 2023

The Best in KLAS Security & Privacy Consulting Services designation is awarded to firms who help organizations assess, enhance, and develop security and privacy programs through technical or advisory work, which should result in a more secure and private environment. Services include security risk assessment, HIPAA privacy assessment, virtual/interim CISO, and penetration, vulnerability, network web application, and security testing.

Impact Advisors received a score of 99.5 for Security & Privacy Consulting Services.

Learn more


Our team of healthcare security experts can help your organization improve compliance, identify risks, develop remediation plans, benchmark security posture, and track maturity improvement. Typical challenges we help address include:

  • Remaining compliant with federal regulations and audits
  • Preventing security incidents and breaches
  • Not getting expected value from current security partner
  • Hiring and retaining high-demand security talent
  • Failing to advance security posture year over year
Value Delivered

Minimized breaches, downtime, data loss and penalties

Threats will continue. Our objective is to fortify your defenses, reduce your risk, and put compliant procedures in place to lessen the impact of intrusions.

Experienced security leadership

Several of our experts have worked in CISO roles for healthcare organizations and are prepared to deliver that expertise to your organization virtually and cost-effectively.

Better security education and awareness

Improving organizational knowledge about safety and security and keeping staff well-informed of healthcare data security policy changes is critical to maintaining an impenetrable front line.

Improved operational efficiency

Safeguarding patient health information is an optimizable process. Our proven framework is designed to streamline and accelerate your team’s efforts.

Health information security pressures continue to increase. Cybercriminals are not only trying to infiltrate hospitals and health systems directly, they are also gaining access by targeting providers’ business partners.

How We Deliver Value

Impact Advisors offers a portfolio of security and privacy services designed to meet you where you are and get you where you need to be. From as-needed expert guidance to embedded, interim leadership to manage day-to-day, we partner with health organizations to assess current capabilities, define or validate objectives, and achieve them at a pace that makes sense for your organization.

iStock 1180355744.sec

Expert guidance when you need it to validate security direction, set goals, analyze current security posture, define an actionable plan, or provide education and awareness to business and IT executives on proactive safeguarding procedures.

iStock 1355638834.sec

Experienced, executive-level security professionals who will seamlessly lead your security program, initiatives, and teams until a permanent and suitable candidate is identified.

iStock 1323226102.sec

An evaluation of your organization’s risk tolerance and current security and compliance policies, controls, and activities. Building on the NIST Cybersecurity Framework (CSF) and other industry standard models, we identify weaknesses or gaps and offer pragmatic recommendations to shore up your defenses.

iStock 690153544.sec

A thorough review of your organization’s current security program (people, process, and technology) or posture, delivering a clear understanding of strengths and opportunities for improvement, along with an actionable, prioritized roadmap for advancing the maturity of your security program, teams and leadership over time.

iStock 1325306868.sec

Impact Advisors provides strategic and advisory services associated with the various rules, standards, and regulations applicable to providers and healthcare organizations including 21st Century Cures, Interoperability and Patient Access, Physician Fee Schedule (PFS), Outpatient Prospective Payment System (OPPS), Inpatient Prospective Payment System (IPPS), Stark and Anti-Kickback Statue (AKS), TEFCA, No Surprises Act, etc. We also offer governance and implementation assistance associated with various aspects of these rules including MIPS/MACRA, Information Blocking, EHI Sharing, EHI Export, Price Transparency, HL7, RESTful and FHIR API, OAuth, etc.

iStock 1336250964.sec

Meticulous preparation for the impacts of potential disruptive events, including a formal plan to recover systems expeditiously as well as administrative, physical, and technical safeguards to ensure business continuity.

Strong Stories.
Detailed Experiences.
Case Studies.

We helped an integrated health system develop an information security vision, attain attestation of their Information Security Program, and move to a more mature stage (increased CMMI score 14 points across 23 categories for an overall score of 2.04), enabling improvement of their organization-wide security awareness and reduction of overall security risk.


increase in CMMI score

All case studies

Our Leaders

Mike Garzone
Marc Johnson

Our Leaders

Mike Garzone - Security & Compliance Practice Leader

Mike is an accomplished healthcare consulting executive. During his career of over 30 years, he has developed and managed large, multidiscipline teams delivering enterprise-scale solutions for application integration, information management, enterprise resource planning, and advanced infrastructure.

Marc Johnson - Security & Compliance Practice Expert

Marc is a performance-driven, C-level information security leader with a long history of driving complex, enterprise-scale technology security programs envisioning to value realization. a proven track record of building and guiding diverse teams toward actionable goals (PCI, HIPAA, GLBA, etc.) and results.

No results found :(
Insights 01

Insights 01

Ready to join the team?
Start making
your impact today!

If you are passionate about improving healthcare, we’d like to know you. Check out our current list of openings or talk to one of our recruiters!

Our openings

iStock 1355277961.sec