This service reviews your Expresso Subscription Plan and helps guide your named Privacy Officer or Security Officer (could be the same person) so that you can get your HIPAA compliance initiative ("HCI") jumpstarted. Unlike our Cybersecurity Audit where we come onsite and review the visible demonstrable evidence of your HCI, in this engagement we focus on setting the tone and the direction of your HCI so that you can get the most requirements met in the shortest period of time.
“…Through the process of risk management, leaders must consider risk to U.S. interests from
adversaries using cyberspace to their advantage and from our own efforts to employ the global
nature of cyberspace to achieve objectives in military, intelligence, and business operations… “
“…For operational plans development, the combination of threats, vulnerabilities, and impacts
must be evaluated in order to identify important trends and decide where effort should be applied
to eliminate or reduce threat capabilities; eliminate or reduce vulnerabilities; and assess,
coordinate, and deconflict all cyberspace operations…”
“…Leaders at all levels are accountable for ensuring readiness and security to the same degree
as in any other domain…"
-- THE NATIONAL STRATEGY FOR CYBERSPACE OPERATIONS
OFFICE OF THE CHAIRMAN, JOINT CHIEFS OF STAFF, U.S. DEPARTMENT OF DEFENSE
The cost of our Fixed Fee package is $2,500.00 USD and time boxed at twenty (20) hours.
As stated above, the deliverables (in part) are: (1) the policies and procedures enumerated above fully discussed and understood within your organization; (2) a complete and actionable Risk Assessment implemented with the assistance of Expresso; and (3) a Remediation Plan based on our Scorecards.
Think of it as a kind of insurance policy. It is now widely understood that a significant breach of protected Information will cause large scale financial and reputational damage to your Organization (think Target). Our Cybersecurity Audit helps you reduce identified Risks to levels that are "reasonable and appropriate" for an Organization of your size and complexity.
Our HIPAA Jumpstarts reviews one Profit & Loss center within your Organization.
Our HIPAA Jumpstart produces a Remediation Plan as one of its deliverables. However, actual remediation can be an open-ended project whose cost is NOT included in the Fixed Fee offering.