How to Stay in Control of Your Patients’ Information.

One of the most essential elements of a HIPAA compliance program is security risk analysis, to “Conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity and availability of electronic protected health information.”

In order to successfully conduct a risk analysis, you’ll need two of the most important tools in the healthcare provider's security tool chest: vulnerability scanning and penetration testing. While these two tools might not be “required,” per se, the risk analysis requirement imposes an obligation to identify and document the “risks and vulnerabilities to the CIA of ePHI,” which would be very challenging (if not impossible) to do without them.

You see, a penetration test evaluates the strengths of security controls on a computer system and network including administrative, physical, operational and technological controls. And a vulnerability scanner is a computer program designed to assess computers, computer systems, networks or applications for weaknesses. Together, they keep hackers out, and keep patients' sensitive data in.

Watch this on-demand webinar, What is Penetration Testing and Why Your Organization Needs One, to learn:

• What Are Penetration Testing and Vulnerability Scanning
• How They Are Different from Each Other
• When You Should Deploy Them into Your Environment