Executive Management asked Elliott Davis to help answer: “Is my electronic protected health information (ePHI) safe from cybercriminals and others that steal healthcare data?”


  • The organization serves patients through its network of hospitals, clinics, and surgical centers.
  • Needed to mitigate risks associated with creating, maintaining, transmitting, storing, and securing electronic protected health information.

 Our Approach

  • HIPAA Security Rule Risk Analysis
  • Cybersecurity Center for Internet Security (“CIS”) Top 20 Assessment
  • External Vulnerability Scan/Penetration Testing
  • Social Engineering Assessment

 Customer Results

  • Met legal requirements
  • Received HIPAA Security Rule Risk road map for each of its entities to efficiently and effectively begin to mitigate risk exposure
  • Gained understanding of cybersecurity exposure through assessment and established plan and framework to remediate identified gaps
  • Identified how to protect areas an attacker might exploit to gain access to environment

We Can Help

For more information on this and other topics, contact a member of our team.

The information provided in this communication is of a general nature and should not be considered professional advice. You should not act upon the information provided without obtaining specific professional advice. The information above is subject to change.