ATTUS Technologies
1-888-494-8449

Free HIPAA Consultation

submit

Free Compliance Webinars

Listen to industry compliance experts discuss issues regarding various regulations – OFAC, BSA, PATRIOT ACT, GLBA and more.

more

HIPAA Compliance Info

Make sure your business is compliant with HIPAA.

more

HIPAA Regulation Information

Make sure you understand HIPAA in your business.

more

Need More Compliance Resources?

Get more info about ATTUS, free newsletters, events and more.

more

HIPAA Risk Assessments

Covered entities have no option but to be compliant with the Health and Insurance Portability and Accountability Act (HIPAA.) HIPAA compliance can be difficult, but any good privacy and security plan must start with an assessment of the risks to your system. An integral component of your risk assessment is testing for external penetration, internal vulnerabilities, social engineering and undetected network security lapses. But what type of penetration, social engineering and internal vulnerability testing is the most effective?

Your penetration testing program should:

  • Gather public information that could be useful for network penetration
  • Scan for vulnerabilities to your system
  • Assess vulnerabilities that are found for potential impact
  • Allow for safe exploitation attempts to test the security of the system
  • Test internet devices such as firewalls, perimeter routers, web servers
  • Provide detailed post-test reports for tracking, reporting and auditing purposes

Your social engineering testing program should:

  • Involve electronic access by using authentic-looking emails and other tags when requesting access to passwords, usernames, and other confidential information
  • Involve other access, such as telephone contact, in a credible manner to seek disclosure of restricted or confidential information from employees
  • Include phishing and similar attempts to direct employees to unauthorized websites for purposes of accessing confidential information

Your internal vulnerability assessment should:

  • Scan your entire network including all hardware and software
  • Conduct LAN sweeps
  • Perform internal vulnerability, patch management and port scanning
  • Provide a detailed report that recommends concrete steps for securing your network

Meet your HIPAA penetration, social engineering and internal vulnerability testing requirements with ATTUS

For over 12 years, ATTUS has worked with banks and financial institutions to assess the security of their systems and develop solutions for vulnerabilities. ATTUS has developed specific solutions to test for the risks of external penetration of information systems, the risks of internal weaknesses due to social engineering of employees and from potentially damaging network security lapses. These solutions are particularly useful as a component of any HIPAA security program. Check out our:

Comply with your HIPAA obligations by protecting your customers’ PHI (protected health information) and protecting your business. Learn more about ATTUS’ suite of products and how it will facilitate your HIPAA security testing and compliance demands.

Microsoft Certified Gold Partner SAS-70 Level 2 Certified

Contact Us   |   Privacy Policy  |    Site Map

© 2012 ATTUS Technologies, Inc.

BBB Accredited