|
|
 |
|
|
 |
|
|
|
| Solutions
We Offer |
Benefits |
Comprehensive
Information Security
From requirements assessment and threat analysis
to network monitoring and security testing, we
offer IT security solutions and support in the
full information assurance lifecycle.First, we
assess your organization’s information security
needs and goals, identify threats and potential
losses, and design appropriate system security
components. We then implement software plans,
policies, and procedures
to ensure that your information
is not only safe and confidential, but accurate,
reliable, and available.
This involves:
- Implementing audit trails to track
activities at the operating system and
application level
- Analyzing performance logs to identify
attacks or application/system/network
delay or failure
- Establishing identification, authentication,
and access control measures
|
Security Certification and Accreditation
We offer services in security certification and
accreditation, providing clients with the technical
support and training they need to maintain a secure,
reliable IT infrastructure and network.
This service
involves:
- Identifying system security threats
and vulnerabilities
- Preparing plans to test and validate
system security measures
- Implementing data integrity verification
programs to detect and prevent unauthorized
file tampering
- Configuring notification processes
that automatically send e-mail or pager
notifications of infrastructure or security
issues to on-call workers
|
Adverse Event Reporting
and Disaster Recovery
We specialize in designing and configuring system
software that supports adverse event reporting
and disaster recovery needs.
This involves:
- Developing protocols for responding
to and resolving security incidents
- Developing disaster recovery plans
to ensure continued system operation
- Designing and providing consulting
for contingency plans
|
Security Policy Development
Our experts provide assessment, consulting, and
configuration management services in order to
develop a set of security policies and procedures
for your enterprise security system.
This involves:
- Assessment of your work environment
and development of appropriate security
policies
- Defining and publishing the responsibilities
and rules of behavior for system users
- Helping senior management distribute
and implement policies, and ensure that
the environment is configured to comply
with the policies
|
Training and Technical
Support
We provide ongoing software support, maintenance,
and configuration and change management so that
your staff can quickly adapt to the security system
put in place. |
Systems
Administrators and Information Officers
- Compliance with HIPAA patient security
standards
- Better equipped to respond rapidly
to adverse events or threats to your information
system
- Enhanced contingency plans and training
for business continuity
- Increased ability to recover critical
patient and research data in the event
of disaster
- Streamlined procedures for efficiently
preserving the quality, integrity, and
confidentiality of enterprise data
|
Government Agencies
- Compliance with HIPAA patient security
standards and other Federal security requirements
- Protection from unauthorized access
to secret or sensitive government information
|
Researchers
- Secure, up-to-the-second access to
biotherapeutics data that is authentic
and reliable
- Ability to securely back up massive
volumes of clinical trials research data
types
- Availability of authentic and reliable
data
- Protection from the loss of critical
research data that has been electronically
collected and stored over long periods
of time
|
Care Providers
- Secure, reliable access to critical
patient records and administrative data
- Ability to base patient treatment choices
on reliable, up-to-date information
|
Patients
- Secure, reliable access to medical
health records
- Ability to base health-related choices
on reliable, up-to-date information
- Increased confidentiality and security
of sensitive medical records and transactions,
such as billing, test results, and drug
prescriptions
|
|
Our Technical Approach
We begin with extensive requirements assessment and planning.
Specifically, we analyze critical, sensitive information
stored within, procured by, or transmitted by your enterprise
information system based on the following criteria:
- Availability
Information or services that must be available
on a timely basis to meet business requirements
- Integrity
Information that must be protected from unauthorized,
unanticipated, or unintentional modification
- Confidentiality
Information that requires protection from unauthorized
disclosure
|
To meet protection requirements, we classify information
sensitivity as low, medium, or high.
Next, we develop comprehensive procedures, policies, and
contingency plans regarding information access, database
management, security, and disaster recovery. We then provide
systems administrators with security awareness and training
related to these areas. We also
provide ongoing consulting
and technical support to help the client adapt to newly-implemented
solutions.
|
|
|
 |
|
| |
|
