A healthcare startup was planning to open a series of clinics in the US and needed to stand up compliant information security and data privacy programs to do so. The client requested that Lakeside Consulting Group (LCG) engage to build out both the information security program and data privacy program from the ground up to ensure compliance and that sensitive health/patient information, including PHI under HIPAA, was properly protected.
- Security & Privacy Policies (including HIPAA mapping)
- Security & Privacy Training (including HIPAA)
- Security/Privacy Control Design - Electronic Medical Record Software (EHR)
- Vendor Security/Privacy Assessment Program
- Data Privacy Notices
- Patient Consent Process
- Release of Information Process (ROI)
- Individual/Data Subject Rights Request Processes (IRR/DSR)
- Clinic Opening Guide & Checklist (security and privacy items)
- Data De-identification Procedures
- Complaint Management Process
LCG provided a full team of security and privacy professionals to build out necessary security and privacy program components. The client was able to leverage the newly built programs to successfully open US-based healthcare clinics with an emphasis on effectively implemented information security and data privacy controls.
Protecting sensitive health information one patient at a time!