Page 3 - HCN Professional Services Booklet
P. 3
CISO Services
Health Choice Network, Inc. (HCN) has developed a team to assist Federally Qualified Health Centers
(FQHC’s) in building a strong secure network by planning, guiding and advising information technology
staff with cyber security tools and best practices. From Penetration Testing, Security Awareness Training
and Security Risk Assessments, HCN uses its resources from the CISO Team to not only advise but train
FQHC Information Technology teams to further protect PHI and Critical Network Infrastructure.
SECURITY AWARENESS TRAINING VULNERABILITY ASSESSMENT
Health Choice Network’s healthcare specific Security An annual Vulnerability Assessment is a critical part of
Awareness Training is offered virtually or on-site and provides organizations HIPAA security risk plan. The Health Choice
education for employees on the ongoing cyber security Network assessment performs specific industry
threats and how to identify them. This is an annually examinations and searches all devices on your local network
mandated training for all health center Associates under the for vulnerabilities that perpetrators can exploit and use to
HIPAA training provision for HIPAA security policy regulations. gain unauthorized access to Patient Health Information (PHI)
Training Objectives will focus on: or sensitive business data. The assessment provides a risk
How to identify phishing emails and malicious websites level rating (HIGH to LOW) of recommended actions
Tips and tricks on identifying social engineering scams in required in order to prevent unauthorized access to include
person or by phone software updates needed, security concerns related to aging
How to properly respond and report security threats technology and hardware, and configuration changes
Review your organizations Phishing Simulation Attacked recommended.
Report*
Industry trending security threats
Annual Trainings should be provided to keep organizations
updated on current and latest threats to the industry, their
working environment and for HIPAA regulation compliance.
* Phishing Simulation Attack service is required for report review during
Security Awareness Training.
PHISHING SIMULATION ATTACK PENETRATION TESTING
Phishing attacks are the number one cause for data Our annual Penetration Testing simulates an attack on your
breaches in our industry. An annual phishing simulation is networks access points. Several subject matter experts will
important to help demonstrate this type of attack and how work to exploit known vulnerabilities in the technology and
to identify them. HCN provides a Phishing Simulation Attack configuration deployed within your organizations network. If
to all health center Associates, using a realistic email CISO team gains access, our penetration testers will
communication with malicious links. Associates who open document access to various systems while continuing to
or click on the simulated malicious links will be identified gain access to as many network and systems possible during
and flagged for additional training needs during the the engagement period. A report will be generated of the
presentation of the Phishing Simulation Attacked Report. simulation and used to educate and prioritize systems and
The phishing simulation service is highly recommended in configuration while securing your network; ultimately
conjunction with our security awareness training in order to preventing this form of attack.
provide the complete experience for Associates.
1 / 2
Additional information available upon request. www.hcnetwork.org
®
Chief Information
Security Office
2024, Health Choice Network, Inc. All Rights Reserved.
