Health IT Services

Risk Analysis PDF
Health IT Services

ecfirst

Health IT Services
On-Demand thru Managed Compliance

The HIPAA Academy™ offers the healthcare industry’s most flexible range of Health Information Technology (IT) services. What’s more is that the services are all based on flat rate pricing. that get even more valued based on the duration of service provided. The Health IT service options available now are:

  • On-Demand Consulting
  • Managed Compliance Services Program (MCSP)

On-Demand Consulting

You Can Do It, We Can Help!
Starting with a commitment of 40-hours or more, you can secure IT professional resources with experience in the healthcare industry across a broad range of skill sets. So be with project management, security professionals, compliance professionals, system analysts, network engineers or more, talk to ecfirst about your requirements and how we can help with staffing or collaborating with you on your project initiatives under our management with your objectives.

We at ecfirst refer to this Health IT consulting model as – “you can do it, we can help!” ecfirst resources may be applied to work along with your personnel to help support, manage or implement IT solutions or capabilities. For example, ecfirst can support your activities with specialized resources such as:

  • Project managers with experience as required
  • Technical professionals with extensive technical, compliance or security expertise

The scope of work may be executed on-site, at your site, or offsite, as determined by your organization. Time-lines, reporting structure and frequency are mutually determined. A sampling of possible tasks and activities include:

  • Develop and manage a Project Plan for IT project initiatives, such as Meaningful Use, or an EHR technology or application implementation
  • Perform Project Management duties and provide technical implementation assistance
  • Develop and manage policies to address proactive auditing
  • Deploy systems, applications or technologies
  • License assessment (software, application license audit)
  • Develop a program, procedures, and logs to combine and filter audit logs, network activity review, and application security access reviews
  • Assist in developing Incident Management capabilities, policy, and technical procedures
  • Review solution options to encrypt sensitive information in e-mail or portable devices

Managed Compliance Services Program (MCSP)

We Get It Done!
The Managed Compliance Services Program (MCSP) is the industry’s most unique and flexible managed services program. With the MCSP you decide what combination of services you contract with ecfirst to manage, and you determine the duration – one year, two years, three years or five years. The duration of the contract determines the flat rate discount you secure for the length of the contract. And, to top it, payments are monthly for the duration of the contract, with absolutely no interest, and nothing due upfront!

So you decide what service components are to be delivered by ecfirst in what timeframe. It’s amazingly, simple!

For example, are your internal resources stretched to capacity and you lack the necessary expertise to identify all compliance gaps and security vulnerabilities? Does your organization need to comply with regulations and standards such as the HITECH Act, State Regulations, HIPAA Privacy and HIPAA Security?

Regulations mandate organizations to maintain compliance with reasonable and appropriate safeguards in several specific areas. Compliance requirements drive critical activities that must be conducted on a regular schedule, typically annually. On a regular schedule, organizations must by law:

  • Assess compliance with the HIPAA, HITECH or State regulations
  • Assign responsibility to the security officer who is responsible for coordinating compliance and security initiatives
  • Conduct a comprehensive and thorough risk analysis including technical vulnerability assessment penetration testing)
  • Complete a Business Impact Analysis (BIA) for contingency planning and disaster recovery
  • Develop and update security policies and procedures
  • Train all members of the workforce
  • Audit the information infrastructure for compliance with the HIPAA Security Rule

Program Benefits
MCSP is designed to assist healthcare organizations and business associates manage compliance requirements, security and core components of the technology infrastructure. Key benefits of MCSP include:

  • Clearly defined deliverables to achieve compliance
  • Expert advisor assigned – serves as interim security advisor
  • Activities such as risk analysis, technical vulnerability assessment and business impact analysis conducted on a regular schedule
  • Policies maintained on a continual basis
  • Easily tailored to your organizational requirements
  • Very scalable program – can monitor and audit as required
  • Skilled resource pool with expert domain knowledge
    • Enables your staff to focus on your business and us on compliance
  • Fixed monthly fee
  • No interest

Further benefits of the MCSP include:

  • A team of experts keeps you up to date on regulations
  • We free up cycles to enable your staff to better focus on business-critical tasks
  • Depth in resource capabilities with trusted knowledge of legislation and client infrastructure
  • Smooth out volatility in resource demands and costs associated with managing information technology
  • ecfirst helps to minimize productivity losses from unexpected downtime

This chart summarizes key areas addressed by the ecfirst MCSP.
ecfirst

ecfirst’s Managed Compliance Services Program (MCSP).

The MCSP is designed to address your compliance, security and other technology implementation, support and management challenges. This program enables your organization to both lower costs and save time. The MCSP is a highly flexible and scalable service.

The MCSP provides a complete, end to end compliance service offering that can be tailored to meet your specific requirements.

About ecfirst, Home of The HIPAA Academy

Devoted To Our Clients. Delivering with Passion.
ecfirst, Home of The HIPAA Academy™, is a leader with rich hands-on experience delivering world-class services in the areas of:

  • Security regulatory compliance solutions (HIPAA, HITECH Act, PCI DSS, NIST and ISO 27000 Standards, State Regulations)
  • Compliance training and certification
  • HITECH data breach and incident response management
  • End-to-end Meaningful Use EHR Stage 1 objective driven services including gap assessment, risk analysis, reporting and more
  • Health Information Technology (IT) services including On-Demand Consulting (starting @ 40 hours), Management Compliance Services Proposal (MCSP), IT professional staffing and project management, customized portal development and security technology implementation

Compliance and Training Certification

ecfirst, home of the HIPAA Academy™, offers the gold standard in compliance training and certification. The HIPAA CHATM and CHP certifications are the only certifications recognized in the Industry. The ecfirst Certified Security Compliance SpecialistTM (CSCSTM) Program is the first and only information security program that addresses all major compliance regulations from a security perspective.

ecfirst delivers world-class information security and regulatory compliance solutions. With over 2,000+ clients, ecfirst was recognized as an Inc. 500 business – America’s Top 500 Fastest Growing Privately Held Business in 2004 – our first year of eligibility. ecfirst serves a Who’s Who client list that includes technology firms, numerous hospitals, state and county governments, and hundreds of businesses across the United States and abroad. A partial list of clients includes Microsoft, Symantec, HP, McKesson, EMC, IBM, Principal Financial, U.S. Army, U.S. Dept. of Homeland Security, U.S. Dept. of Veterans Affairs and many others.


Regulatory Compliance Practice

The ecfirst Regulatory Compliance Practice delivers deep expertise with its full suite of services that include; HIPAA Privacy Gap Analysis, Meaningful Use Risk Analysis, HITECH Data Breach, Technical Vulnerability Assessment, Policy and Procedure Development, Disaster Recovery Planning, On-Demand Consulting, as well as managed security and IT infrastructure solutions.

ecfirst Differentiators

ecfirst combines state of the art tools, the highest credentialed staff, and reporting that maximizes value, efficiency, and information for our clients to deliver the industry’s best technical vulnerability assessments.

Critical ecfirst differentiators include:

  • Home of The HIPAA Academy™ – First in the healthcare industry with the Certified HIPAA Professional (CHP) and Certified Security Compliance Specialist™ (CSCS™) programs
  • Highly credentialed professional consulting team with expertise in HL7, ICD-9/10, HIPAA, HITECH, Meaningful Use
  • Deep experience in the healthcare industry
  • Compliance based vulnerability assessments
  • Executive dashboards that may be tailored for senior management to highlight critical findings

Talk to ecfirst and you will find an organization that is passionate about the services we deliver and exceptionally devoted to its clients. We deliver value with intensity and are paranoid about our performance for your organization.