Privacy and Cybersecurity Services

The Compliance, Risk & Resilience practice at B. Riley Advisory Services has partnered with MS Strategic Solutions, LLC to collectively provide a portfolio of information security, privacy, and audit services to the healthcare and biosciences sector.

Companies in this space face a unique confluence of risks and vulnerabilities that threaten their ability to assure the confidentiality, integrity, and availability of data that they are entrusted with, and the systems and infrastructure that store and process that data. Information security programs must be up to the task of delivering the confidentiality of Personally Identifiable Information (PII) and Protected Health Information (PHI) that is the foundation of companies' ability to meet their privacy obligations. Cybersecurity posture must be sufficient to assure the integrity of healthcare data.

Information Technology (IT) Disaster Recovery posture must include backup and recovery capabilities if a successful ransomware attack compromises the network. Because disruption is now a universal operating condition, business continuity plans must be developed and rehearsed to assure stakeholders - patients, staff, owners, research supply chain partners, business associates, and regulators - that operational resilience is an institutional imperative.

B. Riley Advisory Services is pleased to work in concert with MS Strategic Solutions to provide:

• Cybersecurity compliance services around Health Insurance Portability and Accountability Act (HIPAA), Health Information Technology for Economic and Clinical Health (HITECH), and Genetic Information Nondiscrimination Act (GINA)
• Compliance with The National Institute of Standards and Technology (NIST) SP 1800-30 for Securing Telehealth Remote Patient Monitoring Ecosystems (environments)
• Meaningful Use Audits and Real-World Testing of Electronic Health Records (EHR) systems
• International privacy conformity with (International Organization for Standardization) ISO 27701
• Medical device conformity with ISO 13485
• Role-based training
• Cybersecurity strategy and maturity advisory services
• Risk, vulnerability, maturity, and gap assessments and remediation roadmaps
• Penetration testing
• Cybersecurity policies and procedures
• Incident response and ransomware preparation strategy
• Cyber risk financial and insurance analysis

Click here for more information