How Technical Financial Solutions Helps Clients Stay HIPAA Compliant With SecurityIQ

Working out of Savannah, GA, Technical Financial Solutions (TFS) provides comprehensive IT auditing services to hospitals, insurance companies and nonprofits. Phishing simulations have been part of their service offering for years, but the company recently added SecurityIQ™ security awareness training to help their clients both identify — and correct — risky employee behavior.

The company plans to more than double enrolled learners in the coming months.

We spoke to Kevin Patterson, IT auditor at TFS, to learn more about why they chose SecurityIQ as their security awareness training solution. “Our previous phishing simulator was a good platform, but it couldn’t deliver the awareness training our clients needed,” said Kevin. “We partnered with InfoSec Institute to educate our clients’ employees about risks like ransomware and how to become a more savvy end user.”

Kevin works closely with TFS’ healthcare clients to help them comply with HIPAA requirements and keep protected health information (PHI) secure. Security awareness training plays a big role in this process. As Kevin puts it, “your systems are only as strong as your most naive employee. If they click a malicious link, the whole system is exposed. Big data can be dangerous and is a huge responsibility.”

HIPAA Compliance Made Easy

HIPAA, or the Health Insurance Portability and Accountability Act, includes a number of data security mandates for the healthcare industry. TFS works closely with their healthcare clients to ensure they are compliant with all 54 HIPAA Security Rule standards.

“An audit will help determine what areas of your system need to be addressed, but you’d have to hire three or four people just to manage and ensure HIPAA compliance. Our healthcare clients didn’t have the resources or know-how to do this effectively,” said Kevin. “HIPAA includes several complicated and confusing standards, especially for non-technical (Read more...)

*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Megan Sawle. Read the original post at: