CASE STUDY:
Policy & Governance for University Hospital System

BRIEF:

A large university hospital needed assistance complying with HIPAA and state regulations.

ROLE OF MAX²:

With massive digitization efforts already underway, the current CISO needed support in delivering updated policies, procedures, and governance structure.

Max² was engaged to provide a deputy CISO over the course of eight months, with the mandate of ensuring transparency and reporting in cybersecurity.

WHAT WAS DELIVERED?

Procedures were developed for ensuring compliance with HIPAA and other privacy regulations as IT systems and patient management/billing were digitized.

Staff training and testing were integrated into HR systems.

Risks were valued and ranked for targeted investment.

Audits from various regulators were passed during the engagement.

Documentation and governance structures were developed and implemented after being mapped to current NIST standards.

OUTCOME:

The hospital system was able to integrate management and reporting across practices.
