Regulatory Compliance Services: HIPAA, PCI DSS


We were hired by a healthcare provider organization with about 10 hospitals and a number of ambulatory facilities to assist with its compliance initiatives. The engagement covered compliance with the HIPAA Security Rule, readiness for audits by the HHS OCR, and compliance with the Meaningful Use regulation’s security core objectives for its Electronic Health Records (EHR) systems.

Working with the organization’s CISO and his team, we successfully delivered the following:

  • Security risk assessments of each of the organization’s acute care facilities
  • For each of the high-risk areas identified, a detailed remediation plan for the hospitals across the organization and their information systems


Success Factors

  • Our healthcare industry expertise
  • Our thought leadership and extensive experience with security/privacy assessment and remediation services as well as healthcare regulatory compliance (HIPAA, Meaningful Use, etc.)
  • Our comfort level in interacting with healthcare personnel of different backgrounds and at organizations of varying sizes and sophistication levels
  • Our ability to be detail-oriented across People/Process/Technology aspects as needed, even as we insist on the importance of a viable strategy and robust planning at the program level

