Our Services

Healthcare IT Security


Health Information Security Pressures Continue to Increase

Your organization probably has first-hand experience dealing with a major information security breach. A breach can result in fines; even worse, they can seriously damage your company’s credibility, even market position. There may be other IT security concerns including:

  • Is our mobile medical record access truly secure?
  • What is our organizational risk in a prolonged data center outage?
  • Have our security technologies and processes kept up with new business models, particularly Accountable Care Organizations (ACOs) and Patient-Centered Medical Homes (PCMHs)?

Healthcare Information Security Adoption Model (HISAM)

Information security is a major concern for all healthcare organizations. The myriad of government and industry regulations make it hard to know where you stand in terms of information security and what improvements are needed to protect your organization against threats. Impact Advisors’ Healthcare Information Security Adoption Model (HISAM) is a tool that enables healthcare organizations to quickly measure current security posture, set goals and budgets for improvement, and track progress over time. A comprehensive assessment tool, the HISAM describes seven levels of security preparedness across three categories: Awareness, Technical and Behavioral.

To learn more about HISAM, click the icon below.

HISAM Web Page.docx

Impact Advisors Security Services: Context and Content Expertise

Trained, experienced IT professionals staff our engagements. Since we focus exclusively on healthcare, we understand its unique regulatory mandates and industry frameworks such as HIPAA and HITRUST. Our company is vendor-agnostic; regardless of your technology portfolio, we will help ensure information integrity and security.

While every client has unique security needs, our engagements typically involve one or more of the following activities.

  • Risk Assessment. Our security services follow leading healthcare security best practices. The work is minimally disruptive to staff and systems as no technical configurations of production or test systems are impacted. Policies and practices are reviewed to ensure they meet CSF guideline and/ documented procedures. A compliance scorecard is generated, corrective action plans developed where needed and dashboards are provided to project stakeholders and senior leadership.
  • Security Planning. Impact Advisors often assists clients with the security components of a healthcare IT strategy or architecture. We also facilitate vendor selections. All of our security services are based upon leading security and healthcare industry standards.
  • Security Remediation and Management. Impact Advisors can help scale your IT leadership team, whether that is leading a major healthcare security remediation project required by Audit or temporarily managing IT security operations.

Security services complement Impact Advisor’s other major service offerings, including IT Strategy Planning, Clinical and Revenue Cycle Implementation, and Infrastructure.