Case Study
Information Security Transformation
Healthcare
Impact Makers ensured information security program maturity as part of a broader transformation effort.
CLIENT’S CHALLENGE
A $3B+ mid-sized health care system with more than 20,000 employees recognized the importance of maturing their information security program after commissioning an independent information security assessment where they were compared against their peers in both the healthcare and commercial space. Upon completion of the assessment, the Board of Directors mandated that the information security program reach a significantly higher maturity level which would then strengthen their reputation, lessen the likelihood and impact of a security breach and establish a strong foundation to build on.
OUR APPROACH
- Analyzed prioritized and organized proposed projects into a holistic transformation program and identified additional projects and efforts to reduce risk
- Managed 12+ critical projects as part of transformation
SKILLS AND TECHNOLOGIES LEVERAGED
Governance, Risk & Compliance -
Program and Project Management -
Management and IT Consulting -
Process Engineering and Business Analysis
The Results
- A solid foundation for the information security program including a risk management framework, a security architecture framework and an information security governance structure
- Policies and standards aligned with widely-accepted security controls frameworks
- A pilot of a secure texting solution for physicians to help ensure compliance with HIPAA requirements
- More mature change and asset management processes based on ITIL best practices
- Detailed processes that improved the overall maturity of the information security program