Training & Certification
Request a Proposal
User Behavior Analytics
By Compliance Requirement
Find a Partner
About Our Research
Meet the Team
National Exposure Index
Quarterly Threat Report
Under the Hoodie
Events & Webcasts
Training & Certification
IT & Security Fundamentals
News & Press Releases
Healthcare breaches are on the rise. Services providers face the challenge of securing a large amount of sensitive information about their patients – from financial and personal information to confidential medical records.
The loss of protected health information (PHI) not only incurs heavy fines and legal liability for healthcare providers, but also long–term personal hardship for the affected patient. In fact, the Health Insurance Portability and Accountability Act (HIPAA) and its supplement, the Health Information Technology for Economic and Clinical Health (HITECH) Act, were created specifically to address PHI theft.
We understand the unique security needs of your industry. Find out how we can put that insight to work for you.
Use Nexpose to conduct a thorough assessment of risks across vulnerabilities, configurations, and controls, and prioritize risks for remediation based on threat exposure and business impact. Automatically audit your systems for compliance with secure configurations, password policies, and access control requirements.
Simulate real-world attacks against your defences and evaluate the effectiveness of security measures at protecting ePHI with Metasploit. Closed-loop integration with Nexpose enables you to validate the exploitability of vulnerabilities in Metasploit and automatically prioritize for remediation in Nexpose.
InsightIDR provides the ability to tag systems containing ePHI as “restricted,” then monitors all activity on these systems for unauthorized access. Leverage user behaviour analytics to detect security incidents and accelerate investigations with instant user context, endpoint interrogation, and advanced search capabilities.
Use AppSpider to dynamically scan your web, mobile, and cloud applications for vulnerabilities (including those that allow unauthorized persons to bypass authentication controls), and generate interactive reports for remediation. Leverage built-in HIPAA reports to quickly identify gaps and demonstrate compliance.
Rapid7's Cybersecurity Services team can perform a full assessment of your security program against HIPAA security standards to help you improve your ability to protect ePHI. Rapid7 can also help you with monitoring your network for threats, penetration testing, security awareness training, and responding to security breaches.
Download this brief to find out how we help healthcare institutions like yours to reduce your risk of a breach, keep healthcare data safe, transform your security program, and simplify your HIPAA compliance efforts.