Understanding the increased cyber risks faced by today’s medical organizations, the Central California Ear Nose & Throat (CCENT) management team took their annual security risk assessment requirements to the next level. The chosen security firm not only had to meet all HIPAA/MACRA regulatory requirements but also perform an in-depth security review of all IT systems and medical devices, identifying and documenting areas of critical exposure.
Guided by the predominant requirement of patient privacy, Breadcrumb engineers developed a comprehensive security engagement specific to CCENT’s unique environment and business model. Over the course of the engagement, Breadcrumb systematically evaluated the network and medical devices for security vulnerabilities and areas of exposure. Mimicking real-world hacking techniques, Breadcrumb performed LIVE penetration testing, thoroughly evaluating the effectiveness of current prevention strategies and the responsiveness of CCENT employees to a cyber-attack. Leveraging the results of the engagement, Breadcrumb conducted the HIPAA/MACRA Security Risk Assessment, meeting all administrative, physical and technical safeguards.
Having applied real-world assessment strategies, Breadcrumb delivered a comprehensive report of CCENT’s security posture, accompanied by strategic goals with recommended implementation timelines. Subsequent recommendations were prioritized by cost and business impact. At the conclusion of the engagement, Breadcrumb provided an onsite workshop to all staff members, highlighting cyber risks within the medical industry. Having chosen Breadcrumb as their security partner, CCENT management moved forward with confidence in their security strategy.