Goal: to hear from PEAKE experts about the changing cyber security landscape and how PEAKE’s healthcare SRA ensures that medical practices remain compliant while truly protecting from a data breach.
PEAKE Technology partners helps medical practices leverage technology as a tool to grow their practice and care for more patients. We’ve built a robust offering that includes Managed IT services, our own proprietary phone system called PEAKE Voice and Data Security solutions… which includes our focus here today: our security risk assessment offering.
Q. Why is a Security Risk Assessment something that practice leaders need to pay attention to?
- Required to remain in compliance with HIPAA regulations.
- Now more than ever, Cyber insurance companies are applying a greater level of scrutiny to security practices. Specific security controls must be applied within an organization in order to reduce cost or even qualify for coverage.
- More importantly, it’s the real threat of compromise and what that can cost a practice. It’s important to be aware of where your organization’s vulnerabilities are and to be able to make informed business decisions based on that information and to know where to apply resources.
- The first step in cyber defense is: Threat Detection. A Security Risk Assessment will provide that awareness and understanding of any threats and vulnerabilities in your organization.
“The first step in cyber defense is: Threat Detection.”
– Mary Knotts, CISSP, COO at PEAKE Technology Partners
Q. What have you seen regarding cyber attacks in the healthcare industry?
- A lot. There have been for the last couple of years. In 2020, about 34 million patients were affected by a cyber security attack; and, in 2021, that number jumped 32%. That is data from about 45 million patients affected in a breach of some kind.
- In the last quarter of 2020, we saw that over a dozen hospitals, plus a medical manufacturing company, a cardio practice, and a gastro health clinic have to notify over 4.5 million of their patients that they had been breached and that private health information may have been stolen.
- Locally, we know of a medical practice breach that resulted in a cost of over $100,000 and a government investigation. Critical services were down, crippling the practice for two days plus another eight days until they were fully restored. During that time, thousands of patients were affected both with the services not being available and with their medical data being stolen or breached.
Q. PEAKE has long provided a Security Risk Assessment; Why make the change now?
- Many SRAs that are designed to fulfill a requirement: to conduct a risk assessment. That can be done easily through a website form; checking boxes on an online tool.
- Based on our experience a more strategic approach for healthcare environments is needed.
- At PEAKE, we are not interested in just getting by with the minimums. We offer medical practice leaders a way to truly protect their practice from cyber attack. As an organization that is entrenched in healthcare IT, we understand the pressures on growing medical practices. Our mission is to allow those medical professionals to focus on the business of care without even worrying about technology or cyber threats.
Q. A PEAKE Healthcare SRA gives practices a choice between two packages (Compliance SRA and Max SRA). Can you help us better understand what is in each of these solutions?
- We’re very proud of our latest SRA offering. We’ve worked really hard to get to this generation. We provide as much proactive behavior and it is possible.
- We have a new Compliance SRA that is a PEAKE proprietary tool we use to evaluate every aspect of the practices HIPAA compliance posture. This Compliance SRA provides insight into the areas of technical and data security. If you don’t currently meet the HIPAA compliance standards, this is the right way to see that. It makes it very visible and we know exactly what to move forward with. We also provide proofing documentation that you can use for insurance purposes; Such as Network scans really prove that you are having compliance implementation.
- Our Max SRA: a comprehensive full set of modules that add to the Compliance SRA with more granular analysis of vulnerability scans proactive evaluation of the implementation of Technology procedures cyber security training, email phishing training, written policy support to ensure that the disassemble all the policies that they need to be in line with the compliance physical audits to ensure that the physical security, access properly testing and verification of a practices data backup which as we know is critical we need to make sure that the integrity and the availability of your backup solution is tested and it’s proven in case of a need to restore and an action plan of recommended remediation to help a practice extend beyond mere compliance. We want to get you a step further.
- We have the resources needed to assist with the remediation effort because that can be a lot.
“We’re really not interested in just getting by with the minimums. We want to offer medical practice leaders a way to truly protect their practice from cyber attack.”
We believe that these new service offerings will help you secure and scale your organization. To learn more about PEAKE’s Healthcare SRA, you can call 866.35-PEAKE or visit peaketechnology.com/sra.
To request a PEAKE Healthcare SRA, simply use our contact options to schedule a call with a PEAKE Practice Advisor. After a free consultation, you’ll receive a proposal and introduction to a PEAKE security expert to guide you through your SRA process.
We are happy to help. PEAKE is driven to help our clients seamlessly grow their organization and care for more patients.
Thank you for joining in. Thank you to Elisabeth and Mary. And we look forward to working with you soon.
About PEAKE Technology Partners
Founded in 2013 and headquartered in Bowie, Maryland, PEAKE is a regional leader in healthcare technology services for private medical practices. PEAKE has assembled a team of experts, its own data center with private cloud services, and a healthcare-focused VoIP platform to ensure PEAKE clients have reliable, secure technology that runs seamlessly so providers can focus on their patients. Learn more at peaketechnology.com/sra