Case Study | Information Services and Security Risk

Huntzinger was contacted by a Northeastern healthcare system with a teaching hospital and 70-plus ambulatory practices to respond to their Information Services and Security Risk Assessment RFP.
Huntzinger’s Assessment:

  • Reviewed the current state applications portfolio and hardware infrastructure
  • Evaluated roles and responsibilities for the development and implementation of the health system strategic plan
  • Assessed current interoperability and adaptability capabilities and systems for a single-care record as well as regulatory requirements and end-user experience improvements
  • Reviewed high risk processes, structures and resources within the IS department
  • Conducted a threat profile and security measures

Huntzinger’s Recommendation:

  • Establish formal IS governance process to review and prioritize all current and proposed IT investments and projects
  • Determine a comprehensive institutional Security Plan
  • Develop an overall application rationalization plan to assist organization in moving to a single EHR, aimed at reducing operating costs
  • Create a sequencing process for system upgrades and institute formal patch management processes

Huntzinger provided the client with a comprehensive 30/90/180-day plan to implement the recommendations. The assessment was conducted in a totally virtual environment, and recommendations were presented and signed off by senior management.

To learn more about Huntzinger’s Best in KLAS Advisory Services, click here.