OHD Passes All 2022 Security Audits
The FBI reports an increase of 400% in cybercrime since the start of the pandemic including an increase in targeted ransomware attacks on multiple industries and targets. With the threat landscape evolving at a rapid pace and organizations facing unparalleled security challenges, it will be critically important to continue investing in information security programs and initiatives. The healthcare industry faces increasingly complex privacy and security requirements and stepped-up enforcement by federal and state agencies.
As part of our annual security initiatives, Onsite Health Diagnostics undergoes a variety of security audits and assessments to ensure we are fulfilling our duties to protect our client data. Three of our biggest reviews are our annual SOC 2 (Service Organization Control 2) audit, technical security risk assessment, and ethical hacking review.
SOC 2 is a set of standards and guidelines that provide a framework for assessing the controls at a service organization that is relevant to security, availability, processing integrity, confidentiality, and privacy. These controls are designed to help ensure that a service organization can protect the confidentiality, integrity, and availability of its client’s information and that it is operating securely and effectively.
Our SOC 2 audit was performed by AARC-360, noted no deviations, and resulted in an unqualified opinion that our security controls are effective. Our Security Risk Assessment and Ethical Hacking Review were performed by Meditology Services. In our Security Risk Assessment, we achieved the highest rating (Managed Risk) in all 19 risk categories, exceeding the healthcare industry and service provider average risk rating scores. Additionally, the ethical hacking report for our Event Management System (EMS) showed no vulnerabilities.
The charts below are based on actual data from Meditology engagements from 2017 to 2022. Actual client risk assessment scores for each engagement are recorded and then averaged to calculate the industry average scores.
As we continue to grow as an organization and navigate the ever-changing IT security landscape, security will remain a top priority in all our future initiatives. While the results of this year’s audit are great news for us and the hundreds of organizations we serve each year, we are committed to embracing even more best practices to fend off future attacks.
To learn more about our security practices and how they may benefit your company’s biometric screenings, please fill out the form below.