The Health Insurance Portability & Accountability Act (HIPAA) requires healthcare organizations, including business associates, to protect any and all systems that contain ePHI and including any sensitive data in transit, within and external to their organization as part of their compliance program.
Expedient Solutions cybersecurity group will work with your business stakeholders and IT group to identify the best target assets for your HIPAA assessment, defining the content discovery policies and rules, including databases, file shares, servers, PST / OST files and desktops.
Assessment deliverables include reports detailing policy transactions to help establish answers to the critical questions such as:
- “Where does our ePHI reside?”
- “Where is our ePHI data going?”
- “Who is sending our ePHI data?”
- “What ePHI data is being synced up to someones Dropbox?”