fbpx Datto RTO Calculator Datto RTO Calculator

Stay Out of trouble

Stay compliant and keep your reputation (and cash).

Test Yourself With Our FREE Self Assessment!

HIPAA Compliance Security Risk Analysis

Measure Your Risks and Begin to Build Your Proof of Compliance

S2Score is a comprehensive information security risk assessment tool based on standards such as NIST, HIPAA, ISO, etc. Using S2Score, you can get a baseline understanding of where your organization’s security weaknesses are, build a roadmap, and track the improvements to the security of your organization over time.

S2SCORE APPROACH

MEASURE your organization’s risk and expose vulnerabilities in your information security program.
ROADMAP necessary changes to improve your orgnaization’s security posture in the most effective ways.
TRACK the improvements you’ve made to your security program in real-time and watch your S2SCORE rise

Benefits of the S2Score Security Risk Assessment Tool

  • Provides a baseline to measure your organization’s information security risk.
  • Based on risk. The most effective way to manage information security is based on risk, not on specific controls that may or may not fit for your organization.
  • Easy to Understand. Easy to understand and effective are not mutually exclusive.  In fact, they usually go hand in hand.  The most effective information security programs are typically simple and effective.  Complexity is often the enemy to good security.
  • Comprehensive.  Information security is not an IT issue; it is a business issue.
  • Objective. Scoring is as objective as is possible given what we know about threats, vulnerabilities, exploits and risk in general.  Each assessed control is given a risk metric based on professional opinions, best practices, and real-life data.
  • Clear and free from technical jargon. Terms like “NextGen”, “Internet of Things” (IoT), “Advanced Persistent Threats” (APT), etc. are all avoided as much as possible.
  • Industry accepted and credible, and HIPAA compliant. The assessment leverages and references current security frameworks and standards such as ISO/IEC 27001:2013 and the NIST Cybersecurity Framework (CSF). The same framework to prove HIPAA security compliance. This is very good news for organizations that have built their information security programs per one or more of these frameworks and helps to lend to the credibility of the assessment.

Ready To Try The FREE Self Assessment?

DueNorth Security and partner Security Studio offer a free security risk assessment and S2Score. This self-assessment can be validated by a DueNorth security analyst after completion.  The free self-assessment is intended as an estimate of your S2Score and should not be considered a comprehensive risk assessment.

Get My Score!

Ready For a Full, Comprehensive Compliance Risk Assessment?

A security risk analysis can be a daunting task. Meaningful use and HIPAA require you to conduct a Risk Analysis per CFR 164.308 (a)(1)(ii)(A). But if not conducted by an information security professional, your organization can still be exposed to threats against your patients’ information. And how do you know what to do after the assessment? DueNorth (Sister Company to NorthStar Technology Group) uses an unbiased, quantifiable assessment process built on the NIST framework that can be easily repeated year after year. We can help with any remediation efforts including policy and procedure creation, employee training, and more.

BASIC SECURITY RISK ASSESSMENT

Designed for organizations large and small. This assessment qualifies for HIPAA and meaningful use under CFR 164.308(a)(1)(ii)A). Say goodbye to doing it yourself. Get 3rd party validation.

 

  • Administrative Controls
  • Physical Controls
  • Technical Controls
  • External Vulnerability Scan
  • Internal Vulnerability Scan

IT VULNERABILITY ASSESSMENT

For organizations that have implement security controls on information systems. If you have an information security plan and you wish to test some or all of the security controls you have in place.

 

  • Basic Assessment PLUS
  • PenTesting
  • Application/Mobile App Scan
  • Phishing Test
  • Dark Web Scan

INFO SECURITY PROGRAM ASSESSMENT

Audit your information security program from the ground up. We will use your framework or compliance requirements to conduct a gap analysis of Administrative, Physical and Technical Safeguards.

 

  • Measurable scoring of risk in each area
  • Comprehensive security road-map
  • Build proof of compliance  

 

TECHNICAL CONTROLS

Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.

PHYSICAL CONTROLS

Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.

ADMINISTRATIVE CONTROLS

Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.

READY TO GET STARTED?

We can help you build your book of evidence for HIPAA compliance and at the same time actually make your information more secure.

Learn More