Client Interview Process
Interview covered entity's staff to understand the client's current use of their information systems.
Document client's requirements and business critical applications.
Define ePHI vendors, cloud service providers, and business partners.
Onsite Review of Information Systems
Inventory of all information systems hardware and software.
Physical networking topology reviewed.
Cyber Security Vulnerability Review
Network vulnerability scanning, port scanning with active reconnaissance.
Complete hardware and software profiles of all workstation and servers.
Security and compliance scanning of all workstations and servers.
Embedded systems reviewed for known vulnerabilities, outdated firmware, default configurations, and insecure configuration settings.