Trillium’s client is an insurance payment integrity consulting firm with a rapidly expanding client base, creating an increased risk profile for data under its control. That growth, along with customer concerns about data security, caused the client to seek outside assistance in reviewing and auditing its physical and cyber security. Several factors contributed to the client’s concerns about security, including: a lack of security tooling or data; a soft security roadmap requiring review and remediation; existing improvements to security and analytics were neither aligned nor prioritized within the technology landscape; inconsistent HIPAA documentation; and, concerns about business continuity.
How We Solved It
Trillium reviewed and assessed the current state of the client’s security processes and technology, and drafted a risk reduction plan. Aspects of the project included: executing a HIPAA assessment security framework; creating a security risk assessment worksheet; creating a document laying out the highest priority tasks and a security roadmap; and, benchmarking risks compared to industry averages.
- Documented remediation has the potential to substantially reduce the client’s security risks
- Client has a path forward for consistent HIPAA documentation
- Customers and potential customers will have greater confidence in the client’s data security and privacy