This site uses cookies to provide you with a more responsive and personalized service. By using this site you agree to our use of cookies. Please read our cookie notice for more information on the cookies we use and how to delete or block them.

Bookmark Email Print this page

Security and Privacy

Health care reform solutions

Health reform will substantially impact how life sciences and health care organizations, regardless of sector, size, and region, realize their security and privacy objectives. Regardless of the regulatory forum, there will be significant pressure on organizations to meet challenges associated with the protection of personal health information (PHI). At the same time, health care organizations face increased collaboration and information sharing requirements both internally and externally, as well as competitive pressure to maximize investments in health information technology.

It is critical to understanding the changing technology and compliance landscape, take advantage of current market opportunities, and implement programs, systems, and controls that meet various stakeholder and regulatory expectations. Meeting the challenges of securing PHI, electronic health exchanges/networks, as well as health insurance exchanges, require organizations to address many areas including:

  • Regulatory compliance and/or certification (Meaningful Use and HIPAA/HITECH)
  • Data leakage and data breach protection
  • Enhanced management of user identities and access to PHI
  • Outsourcing and management of third-party access to patient data
  • Business and regulatory environment navigation
  • Cyber security (network and system security)
  • Budgeting and cost management

What we offer

  • ICD-10
  • Electronic Health Records (EHR) security and privacy
  • Health Information Exchange (HIE) security and privacy
  • Health Insurance Exchange (HIX) security and privacy
  • HITRUST risk assessment and risk management
  • Privacy and data protection
  • Breach response and notification
  • Identity and access management
  • Post merger integration
  • Controls and security for Clinical Information Systems (CIS)
  • Business continuity management
  • Cyber threat intelligence
  • Enterprise Resource Planning Application Security and Controls
  • Infrastructure Resiliency and Recovery
  • Security Management, Infrastructure, and Operations
  • Enterprise Privacy and Data Protection

Tools and methodologies

  • Privacy
    • Privacy portal
    • Breach response and preparedness diagnostic
    • Meaningful use
    • Information and Technology Risk Management
    • Risk catalog
  • Security infrastructure
  • HITRUST assessment
  • Information technology diagnostic
  • Identity and access management
  • Technology integration by vendor
  • Entitlements/Segregation of Duty (SOD)
  • Data quality and integrity
  • Business continuity
  • Health Care Security and Privacy Portal
  • Data Integrity Print
  • Resiliency, Disaster Recovery and Business Continuity Tools
  • Security Frameworks and Data Protection
    • Data Encryption
    • Data Leakage
    • Database Activity Monitoring
    • Data Redaction
    • Data Archive and Disposal
    • Privacy Incident Response
  • Integrated Risk and Compliance Frameworks
    • Encryption
    • Logging and Monitoring (security event management)
    • Identity and Access Management
    • Network security controls
    • Vulnerability management solutions

Key contacts

Mark Ford, Principal
Deloitte & Touche LLP

Deborah Golden, Principal
Deloitte & Touche LLP

Kim Griffin-Hunter, Partner
Deloitte & Touche LLP

Related links

Share this page

Email this Send to LinkedIn Send to Facebook Tweet this More sharing options

Stay connected