Penetration testing is an integral part of your compliance plan, the increased number of health care record hacks and the resulting costs make penetration testing a valuable necessity.
Total HIPAA penetration testing replicates techniques used by hackers to determine how a
system will react to an attack, identify weaknesses, and determine what information can be
acquired. Penetration testing is performed from multiple angles: against public-facing servers
via the Internet, and against internal systems from within the network. In-depth scans are
performed against servers identified in the research process to determine exactly what
software is exposed to the outside world. Using a combination of open-source and proprietary
hacking tools, attacks are carried out on these systems, attempting to gain unintended access
to the servers.
Upon completion of testing, a detailed report is produced which includes a summary of steps taken to infiltrate company systems, missing/ineffective controls, action-items to secure the business organized in a timeline based on severity, and technical data to assist with remediation.
Sign up for Our Blog
May 14, 2019
Jason Karn, Total HIPAA Chief Compliance Officer, spoke with Greg Manson, Direct of Audit and Compliance at Carolinas IT, about the process of hiring a Managed Service Provider (MSP). In… Read More ›Read More
April 15, 2019
Jason Karn, Total HIPAA’s Chief Compliance Officer, recently spoke with David Smith, a nationally recognized healthcare benefits consultant and regulatory expert, to discuss how fully-insured, self-funded, and hybrid employee benefits… Read More ›Read More