Health Information Security
Leidos offers security services that help healthcare organizations (HCOs) maintain the confidentiality, integrity, and availability of electronic protected health information (ePHI), meet their compliance mandates, and operate successfully in a highly regulated and increasingly competitive healthcare environment.
Cost Effective Management of Complex Security Challenges
Leidos's teams of security specialists have deep knowledge and understanding of the privacy and security policies and technologies needed to enable compliance with the numerous federal statutes and regulations to which HCOs may be subject. These requirements include the Health Insurance Portability and Accountability Act (HIPAA) Security and Privacy Rules, National Institute of Standards and Technology health IT and security standards and best practices, various financial integrity statutes, and for federal agencies, the Federal Information Security Management Act (FISMA), as well as state and industry data protection requirements and best practices.
Our security and privacy experts serve in leadership roles on prominent national health IT forums including the HHS Office of the National Coordinator for Health IT (HIT) Privacy and Security Standards Committee and the National Health Information Sharing and Analysis Center (ISAC) Board of Directors.
We help our customers comply with legal mandates and help select solutions that enable effective protection of the confidentiality, integrity and availability of sensitive information.
Risk Management
We apply our deep expertise in security risk assessments, architecture, design, development, implementation, testing, security auditing, intrusion prevention/detection and mitigation and certification and accreditation to the healthcare setting. We help ensure that our solutions can operate safely and effectively to protect sensitive information in each unique customer environment.
- We work with our customers to analyze threats and their vulnerabilities to those threats, and to develop mitigation strategies.
- We develop effective security policies and procedures and design and deploy the technical implementation of the policies.
- We develop solutions to prevent, detect and mitigate loss of sensitive data both from insiders as well as external intruders.
- We help our customers anticipate, protect, detect, defend, respond and recover from cybersecurity incidents and disruptions.
Preserving Data Integrity and Availability — Critical to Patient Health and Safety, and Business Reputation
Protecting patient data is not only an issue of privacy and confidentiality protection and regulatory compliance for HCOs but is also a matter of patient safety. The viability of the health enterprise directly depends on its ability to secure its systems and data, and the consumers of its services.
Protecting the integrity of health data against corruption and guarding its availability and accuracy are critical to safe and effective clinical care. Our security solutions and services enable HCOs to collaborate and share ePHI and other sensitive and safety-critical information safely across systems and networks.
Data corruption, data breaches and systems intrusions create patient safety issues and endanger the reputation of the HCO. Our cybersecurity technical capabilities, proven in the national security and defense domains, help our health customers guard precious data and business reputations in an increasingly challenging and competitive world.
Critical Security Services in the Healthcare Organization
Our security services span the full range of the security life cycle. Some of our security services critical to the HCO include:
Securing the Healthcare Organization Today for the Future
The standards of care for securing health data have evolved to recognize the increasingly aggressive threats to electronic health records. Providers entrusted with private personal health data and valuable business data are stepping up their capability to secure sensitive data as not only a compliance imperative but also as a business continuity strategy.
Leidos brings proven vendor specific expertise in EHR systems combined with our expertise in security to help our clients anticipate and address continuously evolving challenges.
Service | Benefit |
---|---|
Security consulting |
|
Identity and Access Management |
|
Audit Log Management and Access |
|
Audit Log Management and Access Reporting / Data Loss Prevention |
|
Certification and Accreditation and Continuous Monitoring of Security Measures |
|
Service | Benefit |
---|---|
Software security development for Electronic Health Record (EHR) systems |
|
Secure Mobile Solutions |
|
Advanced Analytics and Forensic Analysis |
|
Service | Benefit |
---|---|
Managed Security Services and Defense in Depth |
|