CyberCompass gave me confidence in our security posture for the first time in my 10 yrs working here!
John M. - CISO (Technology Firm)
How CyberCompass™ provided assessment, report, and remediation in four days to prevent a $500K HIPAA fine
Imagine finding your protected health information (PHI) on a widely known collaborative website. Not just your information, but that of thousands of patients. Thankfully, one patient immediately notified their medical practice who then sought the appropriate help, but the damage was done. When a seemingly impossible deadline to prepare an assessment and risk management plan was set, CyberCompass™ came to the rescue, preventing an estimated fine of $500k+ from HIPAA's OCR!
Not Prepared to Respond
The provider is a well- established healthcare practice with over 150 employed staff throughout 4 locations. They suffered a minor breach by today’s standards and reported the incident to HIPAA’s enforcing body, the Office of Civil Rights (OCR). As a result, OCR requested a risk assessment from the client. The original assessment, completed by the client’s attorney, was deemed inadequate.
An "Impossible" Demand
OCR required a formal assessment and risk management plan. The new law firm estimated a minimum fine of half-million dollars. Other companies quoted 10 weeks at double the cost for the assessment alone. With only 2 weeks to deliver, they found CyberCompass™.
The CyberCompass™ team, coupled with our powerful tool, was utilized to complete:
• Comprehensive assessment of twelve interview surveys
• Four facility inspections
• System vulnerability and compliance scans
• Generation of an audit-ready report; showing enterprise-wide and departmental risks
• Generation of Risk Mgmt. Plan and policies & procedures
CyberCompass™, with the unique capability for our consultants to perform multiple assessments simultaneously, made this all possible.
"HIPAA's OCR DISMISSED THE CASE, APPROVING ALL PROVIDED EVIDENCE WITH NO PENALTY!"
ONLY NEEDED 4 DAYS AT HALF THE COST TO PROVIDE THE ASSESSMENT, AUDIT-READY REPORT, AND RISK MANAGEMENT PLAN THEY NEEDED."
Are you prepared for a cyber incident or breach? Are you facing overwhelming deadlines or fines from a breach?
Email us to see how we can help you achieve Cyber Confidence!