FAQ'S

HOW DOES THE SERVICE WORK?

Developing a Cybersecurity Governance program starts with organized  documentation system. We have developed this for countless companies and can do the same for your organization. 

With our expert Cybersecurity knowledge we partner with your management team and IT Support vendors using the latest safe collaboration tools(Office teams, Zoom, Webex, etc..) to schedule 2-4 process review meetings, to make this as efficient as possible understanding the heavy load staff is encountering so we make this experience as non-disruptive as possible.

 

With our tools we capture the essence of your current cybersecurity governance program and develop the Policies and Procedure documentation system for your organization. 

Our 28 years of providing IT Tech consulting has earned us a solid reliability reputation and credibility so we make this process as efficient as possible.

It's all Texas based, DFW is our home.

HOW MUCH DOES THE DOCUMENTATION COST?

Cost for completing the Cybersecurity Governance, Security Policy and Procedures, Onboarding-Exit Docs and/or Risk Analysis will depend on several factors: How big is the company(#employees), # of locations, complexity of Information systems and availability of key resources; Security Officer, Internal or External IT Support person and Management team for process review conference calls.  

WHERE TO START?

Call our office to discuss your needs or send us an email via the Contact Page. 

DO WE SELL HARDWARE?

No we do not sell computer or network hardware, we don't offer hardware repair either. We can spec and recommend hardware for every part of your infrastructure, it's up to you to buy or lease equipment.  

DO WE SELL SOFTWARE?

No we do not sell software. We can spec and recommend software for every need.

FOR HEALTHCARE, DO WE COVER ALL HIPAA REGULATIONS RULE SETS?

Their are 2 rule sets that apply to this area; Security and Privacy rule sets. These 2 rules cover every aspect of your Practice, the HIPAA Compliance service we offer covers ONLY the Security Rule and not the Privacy Rule, therefore it focuses on the technology systems(computer-network) at your office. HIPAA CFR 164.308.xxx Security Rule covers every aspect of technology like; ePHI usage with computers, computer security, connectivity, data backup, disaster recovery, user access, employee security training & awareness and ePHI transmission, whether you have an EMR system or not. Even if you only use a Practice Management system for billing-scheduling, you are are still obligated to comply with both rule sets. We do not cover any operational HIPAA compliance requirements, only the Security Rule requirements.

IS THIS SERVICE SECURE AND CONFIDENTIAL?

We provide a confidential agreement with Non-disclosure Confidentiality Agreement so it's very confidential and secure with no outside 3rd party notifications. If a Risk Analysis is required, risks and gaps are identified after our assessment service and reviewed with your staff only. Mitigation reviews are coordinated through onsite review and/or  conference calls to manage go-forward mitigation plans.

HOW WE COLLECT INFORMATION?

For Governance, policy and procedure reviews we meet with key personnel using conference calls, video conferencing and onsite reviews to understand your processes. 

For Risk Assessment we schedule and coordinate an onsite assessment time and depending on the type of computer-network systems you are running, we will perform an onsite visual and electronic survey. Our software tools collect information and analyze any Risk exposures on all devices connected to your office network. We then produce a Risk Score Card Report that helps prioritize and follow-up on all exposures and develop a go-forward Risk Mitigation Plan for your office.

DO WE PROVIDE ALL DOCUMENTATION?

Yes, our turn-key service provides all documentation and reports in electronic form as well as printed and organized 3-Ring system for your records. We also provide Policy and Procedures that are industry compliant  and modified to address all levels of the administrative, technical and physical safeguard requirements.

HOW LONG DOES IT TAKE TO COMPLETE THIS?

The time to become compliant will depend on the availability of your Security Officer or Office Manager, IT resources, size of IT infrastructure and complexity of your Information Systems.

Once we agree to perform the Risk Assessment, we will identify the scope of work and timeline for your approval. If you have internal or external IT support, our work plans manage and coordinate the risks and gaps mitigation with all parties involved.

Most solutions to mitigate issues can be quickly resolve while other changes require functional and operational modifications that will impact your end-users and vendors.

This takes organized planning and management to reduce impact to the daily operations and care of your clients/patients. Our Project Management approach will keep you in the loop as we work to mitigate in small increments and provide a detail project plan with milestones to achieve compliance, bottom line: It's not over night.
 

NOW IS THE TIME. Protect and safeguard your company. Avoid risks and penalties, as well as embarrassing breach  disclosures! Your customers, patients, employees and business associates will greatly appreciate your attention to Cybersecurity - Get a Cybersecurity Review!