Censinet Delivers Major Enterprise Risk Management Product With Support for Health Industry Cybersecurity Practices (HICP)
Post Summary
A comprehensive enterprise risk management solution designed for healthcare organizations, automating the implementation of Health Industry Cybersecurity Practices (HICP). Provides actionable insights into an organization's cybersecurity risk posture while guiding them to improve patient safety and safeguard protected health information (PHI).
Automates workflows to streamline HICP compliance and reporting. Offers real-time visibility into cybersecurity risk posture and HICP coverage. Helps organizations demonstrate recognized cybersecurity practices during audits or enforcement actions, reducing fines and penalties.
HICP-based Questionnaires: Tailored to organization size for accurate assessments. Automated Tracking: Tracks findings, remediations, and evidence to demonstrate cybersecurity best practices. Peer Benchmarking: Compares cybersecurity performance with industry peers. Custom Reporting: Generates reports for HHS, OCR, and insurance carriers. Executive Dashboards: Provides insights into overall cyber posture and future risk projections.
HICP provides practical, industry-led cybersecurity guidelines to reduce risks effectively and affordably. Focuses on mitigating the top five cybersecurity threats through ten actionable practices. Helps healthcare organizations comply with regulatory standards and improve their overall cyber resilience.
Censinet will demonstrate the platform’s capabilities at the BOLD ViVE Cybersecurity Pavilion (Booth 1012-16) and answer questions about HICP integration. Visit censinet.com/HICP to learn more or request a demo.
New Offering Enables Healthcare Organizations to Demonstrate HICP Coverage and Address OCR Standards for Consideration During Enforcement Actions
Boston, MA and Miami, FL - VIVE 2022 Conference – March 7, 2022 – Censinet, a leading provider of risk management solutions for healthcare, today announced Censinet RiskOpsTM for HICP, a major enterprise risk management solution built for Health Industry Cybersecurity Practices (HICP). Offered as a standalone solution or integrated with the Censinet RiskOps Third-Party Risk Management platform, Censinet RiskOps for HICP streamlines and automates the Health Industry Cybersecurity Practices into an easy-to-use and powerful workflow and reporting solution. With Censinet RiskOps for HICP, healthcare organizations gain visibility into their current cybersecurity risk posture, affording business, GRC, and IT leaders a clear picture of their HICP coverage while spelling out the specific actions required to improve their cybersecurity risk posture to ensure patient safety and safeguard protected health information (PHI) and systems.
“Today’s launch of Censinet RiskOps for HICP revolutionizes how the healthcare industry protects patient care by effectively integrating cybersecurity best practices and enterprise risk management,” stated Ed Gaudet, CEO and Founder of Censinet. “Alternative security and risk frameworks have historically been expensive, difficult, and time-consuming to implement for most healthcare providers. Censinet RiskOps for HICP enables physician practices, hospitals, and large, integrated health networks to affordably prove they are doing the right thing to improve their overall cyber posture.”
The publication of the HHS 405(d) Health Industry Cybersecurity Practices (HICP) in 2019 outlined a healthcare-specific approach to cybersecurity. Created in partnership with public and private organizations across the healthcare industry, HICP provides “practical, understandable, implementable, industry-led, and consensus-based voluntary cybersecurity guidelines to cost-effectively reduce cybersecurity risks” for “health care organizations of varying sizes.” To achieve this, HICP focuses on the five most prevalent cybersecurity threats and ten cybersecurity practices that address those threats. Recent laws and regulations, such as the update to the Health Information Technology for Economic and Clinical Health Act (HITECH), instruct OCR to consider implementing these recognized cyber security practices during enforcement actions in the case of breaches. If certain recognized security practices such as HICP can be demonstrated to have been adopted for at least 12 months, it can lead to mitigated fines, early, favorable termination of audits, and mitigated remedies in settlement agreements.
“The Health Sector Coordinating Council established HICP to reduce cybersecurity risk cost-effectively, support organizational adoption, and deliver actionable guidance for protecting patient safety and data," said Erik Decker, Chief Information Security Officer at Intermountain Healthcare, Co-Lead of the 405(d) Task Group, and Chair of the Healthcare and Public Health Sector Coordinating Council Cyber Security Working Group. "A solution such as Censinet gives healthcare providers the means to easily and effectively support the creation and management of HICP, resulting in a more protected healthcare system.”
Censinet RiskOps for HICP delivers assessment workflows that guide healthcare organizations through an internal audit that maps directly to the 405(d) HICP documentation. It automatically generates a report for your board or HHS that demonstrates your cyber posture. Key capabilities include:
- HICP-based questionnaires aligned to organization size
- Automated generation and tracking of findings and remediations
- Peer benchmarking
- Forecasts projecting future risk coverage based on identified corrective actions completion
- Evidence uploading to demonstrate best practice adoption
- Report generation for Department of Health and Human Services (HHS), Office for Civil Rights (OCR), and insurance
- Assessment segmentation for evaluating regional or practice area risk exposure
- Custom scheduling of assessments and reassessment to match organizational requirements
- Scoping assessments to address unique organizational structure
- Importation of previous assessments for establishing a single repository
- Executive dashboard that reports on overall cyber posture
Censinet RiskOps for HICP is available now, and the Company will be demonstrating these new platform capabilities in the ViVE Cybersecurity Pavilion at Booth 1012-16. Censinet executives and healthcare risk professionals will be there to answer questions on HICP, its integration into Censinet RiskOps, and how any healthcare organization can get started.
For more information on how healthcare organizations can reduce and avoid the impact of risk, please visit censinet.com/HICP.
About Censinet
Censinet, based in Boston, MA, enables healthcare organizations to take the risk out of their business with Censinet RiskOpsTM, the first and only cloud-based exchange that integrates and consolidates enterprise risk management and operations capabilities across critical clinical and business areas. RiskOps builds upon the Company’s foundational success with third-party risk management (TPRM) for healthcare. Censinet transforms healthcare risk by increasing productivity and operational effectiveness while eliminating risks to care delivery, data privacy, and patient safety. Find out more about Censinet and its RiskOps platform at censinet.com.
###
Contacts:
Rob Ciampa
Censinet
(617) 286-6785
rciampa@censinet.com
Adam Benson
Vrge
(202) 999-9104
adam@vrge.us
Twitter: twitter.com/censinet
LinkedIn: linkedin.com/company/censinet
Blog: censinet.com/blog
Key Points:
What is Censinet RiskOps™ for HICP, and why is it significant?
- Censinet RiskOps™ for HICP is a powerful enterprise risk management solution tailored for healthcare organizations to implement Health Industry Cybersecurity Practices (HICP).
- It provides an easy-to-use, automated platform to assess, improve, and monitor cybersecurity posture while meeting HICP guidelines.
- Helps organizations demonstrate recognized cybersecurity practices to improve compliance, reduce risk, and protect patient safety and sensitive data.
What are the key capabilities of Censinet RiskOps™ for HICP?
- HICP-Based Questionnaires: Tailored assessments aligned to organization size and structure.
- Automated Tracking: Tracks findings, remediations, and evidence to demonstrate cybersecurity best practices.
- Peer Benchmarking: Allows organizations to compare their cybersecurity performance with industry peers.
- Custom Reporting: Generates detailed reports for HHS, OCR, and insurance carriers to demonstrate compliance.
- Future Risk Projections: Forecasts risk improvement based on corrective actions.
- Executive Dashboards: Provides real-time visibility into overall cyber posture and HICP coverage.
- Centralized Repository: Imports previous assessments into a single platform for comprehensive risk management.
How does Censinet RiskOps™ for HICP benefit healthcare organizations?
- Improved Cybersecurity Posture: Provides real-time insights into risks, enabling organizations to implement corrective actions and strengthen defenses.
- Enhanced Compliance: Demonstrates recognized cybersecurity practices during audits or enforcement actions, reducing fines and penalties.
- Streamlined Processes: Automates workflows for HICP compliance, saving time and reducing administrative burden.
- Regulatory Advantage: Helps organizations meet HHS and OCR standards, leading to mitigated fines, early audit terminations, and reduced settlement remedies.
- Cost-Effective: Makes enterprise risk management accessible to healthcare organizations of all sizes, from small physician practices to large health systems.
Why is HICP important in the healthcare industry?
- Published by HHS in 2019, HICP provides practical, industry-led cybersecurity guidelines tailored to healthcare organizations of all sizes.
- Targets the top five cybersecurity threats in healthcare and outlines ten best practices to mitigate those risks.
- Adopting HICP helps organizations strengthen their cybersecurity posture, protect patient safety, and improve compliance with regulatory standards.
- Recent updates to the HITECH Act instruct OCR to consider recognized security practices like HICP when making enforcement decisions.
What are the top five cybersecurity threats addressed by HICP?
- Email Phishing Attacks: Protects against malicious emails targeting sensitive information.
- Ransomware Attacks: Mitigates risks from ransomware that can disrupt care delivery.
- Loss or Theft of Equipment: Ensures safeguards for devices storing patient data.
- Insider Threats: Reduces risks from internal actors compromising security.
- Attacks Against Connected Medical Devices: Protects IoT devices critical to patient care.
How does Censinet RiskOps™ integrate HICP into enterprise risk management?
- Automates HICP assessment workflows, mapping directly to the 405(d) HICP documentation for seamless implementation.
- Generates compliance reports for internal leadership, HHS, OCR, and insurance carriers.
- Tracks progress over time, ensuring organizations meet the 12-month requirement for demonstrating recognized cybersecurity practices.
How can healthcare organizations access Censinet RiskOps™ for HICP?
- Censinet is demonstrating the platform’s capabilities at the ViVE Cybersecurity Pavilion (Booth 1012-16).
- Healthcare professionals can visit censinet.com/HICP to learn more or request a demo.
What makes Censinet RiskOps™ for HICP unique compared to other risk management solutions?
- Specifically designed for healthcare, addressing the unique challenges of protecting patient safety and PHI.
- Combines enterprise risk management with HICP compliance in a single, cost-effective platform.
- Focuses on automating previously manual processes, reducing complexity, and improving efficiency.
