+1 206 446 0600 umv@merysolsecurity.com

Maintaining a cyberattack-resilient, HIPAA -compliant environment


For HIPAA Covered Entities, it is critical to protect the investment made in having a HIPAA compliant environment.  The diagram below shows the different components of the solution.  The text opposite the chart, shows you the steps you must take.


Physical Security 

First level of protection against environmental threats and man-made threats. There is a need to establish Security Controls for: Reception areas, Server and Workstation areas, Equipment, Access Control, Computer Maintenance and Wiretapping

Incident Management 

Detection, Identification, Analysis, Prioritization and Resolution of security incidents. This involves many processes and assignment of responsibilities to the security team.

Vulnerability Assessment

Evaluation of the ability to withstand assault. It is done by classifying possible vulnerabililtes. It can be used to identify weaknesses that could be exploited and predict effectiveness of preventive and restoring measures.  Merysol Security’s Cybersecurity Preparedness Assessment can help you get you a practical update on how your IT is prepared for a cyberattack. 

Breach Resolution & Recovery

Actions taken to understand root-cause of the breach, enable solutions to fix the problem and restore the system to its condition before the attack.  Merysol Security’s IT-Disaster Recovery Plan can help you specify the actions needed to restore service. 

Communications and Reporting Plan

Communicating with Customers, Employees, and business partners after an emergency situation is something a HIPAA CE must be prepared to do ahead of time. Reporting to the proper authorities, in a timely manner, is critical.  Merysol Security’s Business Continuity Plan can be the repository of these activities.

Check Out our HIPAA Regulations Assistance