FishNet Security has extensive experience in the healthcare industry. With nearly 300 healthcare clients serviced in 2011 alone, and successful engagements with over half of the top 10 hospitals as ranked by U.S. News and World Report, our consultants have significant expertise in understanding and solving the unique challenges of healthcare providers.
Successfully Implement IAM within Your Healthcare Organization
Healthcare organizations possess unique attributes that can provide significant barriers to achieving a mature state regarding efficient, comprehensive Identity and Access Management (IAM). Managing the growing multitude of clinical and non-clinical applications and HIT systems is enough to quickly overwhelm the best-staffed and most well-funded IT teams. Further complicating the healthcare IAM scenario is a combination of business and regulatory challenges overlaid by the unique requirements of the healthcare industry. A summary of those challenges include:
- Improving Healthcare Staff Productivity & Enabling Better Patient Care
- Establishing Effective Auditing, Compliance & IT Controls
- Automating Clinical & Business Application Provisioning While Leveraging Existing Investments
- Alleviating the Help Desk Burden & Reducing Clinician Downtime With User Self-Service Features
- Providing a Flexible, Scalable IAM Platform that Accelerates the Future CIS Deployments
FishNet Security's Clinical Application Resource Extension (CARE):
In collaboration with Microsoft, FishNet Security has developed a solution to provide the integration between identity management platforms and clinical applications. The Clinical Application Resource Extension (CARE) solution provides the critical link to provide automated, certified and secured workstation access to enable better patient care and improve clinician productivity. In addition, CARE in combination with Microsoft Forefront Identity Manager, enables healthcare providers to achieve more industry-agnostic business objectives for IAM, including reducing costs, such as those associated with replacing manual and help desk processes with self-service capabilities, and improving security posture, regulatory compliance and business visibility.
Healthcare Security Solutions
Wide array of Application Security Services to include:
- Application Scanning (Vulnerability Scanning, OWASP Top 10)
- Application Run Time Analysis (Penetration Testing of Running Application, authenticated and unauthenticated validation)
- Source Code Review (Line by line evaluation of code against established secure coding principles)
- Application Threat Modeling (Analysis of applications currently in development to find vulnerabilities and weaknesses before application goes live)
Data Security – identification and classification of PHI and PCI data across the environment
GRC – audit preparedness for compliance with HIPAA/HITECH standards
Identity and Access Management – dedicated and experienced practice with deep healthcare experience and over 60 highly trained IAM specialists.
Incident Response – dedicated SWAT team for immediate deployment for investigation and analysis of breaches
FishNet Security Advantage:
- Proven, repeatable and scalable security methodology to solve for the full 360-degree spectrum of information security challenges facing global organizations and enterprise clients.
- Experienced and certified information security professionals with experience conducting similar engagements.
- Successful execution of IAM projects for some of the nation’s most respected healthcare institutions ranging from IAM workshops to complete IAM lifecycle implementation.
- Performed several projects for one of the largest healthcare service providers, including Perimeter Network Penetration Testing, Internal Network Penetration Testing, Host Assessment and vulnerability assessment tools integration.