Home About Us Company Overview Careers Events News ICE Wins IT Service Provider of the Year ICE Relocates to New Data Center Facility ICE included in Inc. 5000 Solutions Solutions Overview Technical Solutions Network Assessment Wireless Site Survey OnSite Systems Administration Remote Systems Administration Helpdesk Support Product Procurement Clinic Solutions Clinic Software Selection Consulting Technology Design and Procurement AlwaysOn Hosting AlwaysOn Managed Services Performance Improvement Solutions Hospital Software Selection Information Security Audit CIO Advisory Services Project Management Project Change Control Quality Management IT Services Outsource Information Technology Assessment Post HIS Implementation Assessment Point of Care Technology Design and Planning Data Center Solutions Healthcare Information Systems Hosting Backup and Disaster Recovery Business Continuance Planning Product Procurement Healthcare Information Systems Vendors Resources Speakers Bureau Healthcare Articles Solution Briefs Links Case Studies HIPAA Security Audit Case Study Network Assessment Case Study Contact Us General Information Directions Learn More

search:

Information Security Audit

ICE has invested heavily in research and development of IT security practices as it relates to HIPAA. The result is ICE's unique Information Security Audit Methodology. The methodology follows the ISO 17799 Information Security Management Audit standard. We have incorporated into the ISO standard the HIPAA Security Rule Standards and Implementation Specifications.

The Information Security Audit Methodology assesses:

• Organizational security policy and practices
• Asset classifications and use policies
• Personnel security policy and practices
• Physical and environmental security elements
• IT operations
• IT access controls
• System back-up and recovery
• Risk analysis

How Does It Work?

Due to the critical nature of securing Electronic Protected Health Information (EPHI) and developing HIPAA compliance strategies, many healthcare providers are looking for help in the development or validation of security practices. To fulfill this request, ICE provides a comprehensive evaluation and risk assessment of the network infrastructure, physical work environment, and IT policies and procedures.

Network Assessment

ICE's Network Assessment will check configuration of all servers and general networking environment, assess network standards, identify security vulnerabilities, review IT self-support capabilities, document the network infrastructure and review for accuracy and adherence to best practices, identify gaps, and provide remediation recommendations.

IT Security Audit

Our security experts review required and recommended policies, IT assets, staff hiring policies, conditions for employment and security training, security of IT infrastructure, operational policies and operator activities, controls against malicious software, electronic information exchange practices, network controls, procedures and guidelines, password management and remote computing, and system back-up and recovery procedures.

Audit Deliverable

Audit findings are identified through interviews, observations and existing documentation. Recommended action items explain what technology and process changes are needed to address and correct the identified findings and issues.

The assessment will:

• Provide recommendations for network enhancements and improvements, detailing hardware and software options, and any necessary organizational changes that may be required.
• Provide a comprehensive risk assessment and final security audit report that describes the findings and identifies recommendations for achieving compliance.

To learn more about ICE Technologies’ Information Security Audit, contact us.

site map contact us privacy policy

© 2008 ice technologies all rights reserved