Background:
In order to achieve its overall security and regulatory compliance objectives, a behavioral health company wished to assess its security and privacy compliance needs. PPT completed a gap analysis and developed the requisite thought leadership (roadmaps, action plans, budgets, staffing plans, vendor procurement plans, policies and procedures, RFPs, vendor selection criteria) to guide the clients strategy to meet these mandates.
Goals:
- Determine regulatory compliance requirements & action items
- Provide scope, schedule & budget for an information security and privacy program
- Assist with build vs buy decisions for compliance purposes
- Determine task prioritization & staffing needs
Accomplishments / Benefits:
- Identified applicable regulatory compliance criteria
- Created RFPs and selection criteria for Managed Service Providers (MSP) and Managed Security Service Providers (MSSP)
- Developed roadmaps, action plans, budgets, and staffing plans, as well as policies and procedures for security and compliance
- Created an information security and privacy program