Request Information

Request Information

or Call 1.877.459.4347
Request Demo

Evolve IP Hosts Healthcare Security Summit: HITRUST and Cybersecurity 2018

HITRUST and Cybersecurity 2018
December 7, 2017 / Dave McCrystal
Healthcare Experts Discuss the Purpose and the Value of the HITRUST CSF Certification Requirement

 

On November 14th, 2017, Evolve IP hosted an informative security education event entitled HITRUST and Cybersecurity 2018 in our Wayne, PA headquarters. Co-sponsoring the event with Evolve IP were VMware, Veeam Software, Hewlett Packard Enterprise (HPE), Fortinet and Wipfli, the consulting and CPA firm that provided the audited assessments for Evolve IP’s HITRUST Certification.

The keynote speakers were Omar Khawaja, Chief Information Security Officer of Highmark Inc. in Pittsburgh (also a member of HITRUST’s board of directors) and nationally-recognized security author and cybersecurity expert Thomas L. Norman of Ingram Micro. The keynote speaking sessions were followed by an interactive panel discussion representing a cross-section of industry viewpoints. The panelists (bios provided below) represented covered entities, business associates, security specialists, auditors, and technology providers. Evolve IP’s VP of Security and Compliance Tim Vogel participated in the panel and shared Evolve IP’s perspective as a provider of industry-leading cloud solutions for over 250 healthcare clients.

Kicking off the program, Mr. Khawaja offered a unique perspective on the growing adoption of HITRUST and why HITRUST is needed across the industry to strengthen and complement HIPAA. He also explained the role of the HITRUST Common Security Framework (CSF) for enabling the healthcare industry to thrive in the face of mounting cyber threats by creating an environment where continuous security improvement is the standard.

Mr. Norman took the podium next, capturing the audience’s attention with an eye-opening description of emerging international security issues and cyberattacks, and his explanation of how these activities have direct implications for the healthcare industry. He also shared cutting-edge strategies for implementing effective security frameworks both on premises and in the cloud, including valuable strategies for optimizing physical security, mitigating cybersecurity risk, and developing compelling, risk-based business cases for driving C-suite support. All attendees received a copy of Mr. Norman’s newest paper: The Compelling Case for Unifying IT and Physical Security.

Following Mr. Norman’s presentation, the cybersecurity panel shared real-life experiences about the relationship between HIPAA, HITRUST certification, cybersecurity, and security/vendor management. They focused on the implications of security-related compliance activities on the operation of and interaction between the extended network of healthcare service providers and business associates.

 

Those who were unable to attend the event can view the recording of the full presentations or view program highlights here:
Contact us today for more information about the seminar, about Evolve IP’s HITRUST certified communications and computing solutions, or about our upcoming educational events.
 
About the HITRUST and Cybersecurity 2018 program presenters: 
Omar Khawaja | CCSK, CISSP; Chief Information Security Officer, Highmark
Mr. Khawaja has spent 15 years delivering, developing and managing enterprise security solutions. He is currently Chief Information Security Officer at Highmark, the nation’s third-largest integrated health delivery and financing network. He is also on the board of directors for HITRUST and is an expert in the HITRUST certification process and how it fulfills HIPAA requirements. He has advised executives of the Global 1000 and spoken at industry conferences (RSA, CSA, ISF, MWC, WEDI) on the topic of making security more business-centric, on 5 continents and has been quoted in media outlets such as Financial Times, NY Times and CNBC.

 

Thomas L. Norman | CPP/PCP; Global Security Consultant, Ingram Micro  
Mr. Norman is an internationally acclaimed security consultant with experience in the USA, Middle East, Europe, Africa and Asia. Mr. Norman has expertise in Cyber Security & Cyber War Defense Planning, Integrated Security Master Planning, Crime Prevention, Anti-terrorism, Threat Assessment, Security Cost/Benefit Analysis, and Threat/Countermeasure Balancing. He is an award-winning author of security industry books, including Risk Analysis and Security Countermeasure Selection, The Compelling Case for Aligning IT and Physical Security, and Security Planning and Design.
 
Cybersecurity Panelist Members: 
Paul Johnson | CPA, CISSP, CCSFP, Partner, with Wipfli LLP
Paul is a partner in Wipfli LLP’s risk advisory services practice. He has over 20 years in the information technology (IT) and information security fields, including leadership roles as a security consulting director, and information security director for an integrated healthcare delivery system. Paul leads a team with extensive experience and qualifications to provide HIPAA risk assessments, HITRUST assessments, healthcare privacy and security policy development, and other security advisory services.

 

Tim Vogel | Vice President of Security and Compliance, Evolve IP
Tim has more than 20 years of healthcare IT security consulting and management experience, including hands-on experience in networking, storage, virtualization, and information security. He was co-founder and CEO of Xtium, a healthcare-focused cloud services provider acquired by Evolve IP in 2016, his experience includes roles with AstraZeneca, Children’s Hospital of Philadelphia, ECRI Institute, Stuart Disease Management Services, and CGI Systems.

 

Philip Jevin | Vice President of Technology and Business Development, Universal Printing
As the Vice President of Technology and Business Development at Universal Printing Company LLC, an organization serving the nation’s largest healthcare service providers, Phil is responsible for providing leadership and direction for the Information Technology department. Over the last 12 years, he has helped lead the company through SAS 70, SOC 1, and SOC 2 reports, along with its HITRUST CSF Certification.

 

Karen Johnston | CISA, CIA, CFE, CCSFP, Senior Manager, Wipfli LLP
As a Senior Manager, in the firm’s Risk Advisory Consulting Practice, Karen Johnston has experience specializing in HITRUST assessments, SOC examinations, Internal Control Assessments, IT auditing, Business Process Analysis and fraud detection and prevention assessments. Karen provides consulting services to public, middle market and not-for-profit organizations in the healthcare industry.

 

Doug Manager | CISSP, Senior Sales Engineer, Fortinet
Doug is a security conceptualist with over sixteen years of cybersecurity experience.  He currently leads a team of systems engineers whose task is to evangelize the necessity of increased visibility, enhanced security, and a reduction of complexity as it pertains to securing borderless networks.
Categories: Healthcare Security & Compliance
Recommended For You
The Evolve IP Compliance CloudTM

Compliance is a way to do business … not an afterthought when clients need it.

At Evolve IP we have a dedicated compliance and security practice and work with two of the world’s top 3rd-party compliance auditors, Grant Thornton and Ernst & Young, to enable customers to extend their compliance to our fully audited cloud. This focus allows us to deliver the documentation and assurances that other’s simply cannot including HIPAA / HITRUST, PCI-DSS (all 12 sections), ITAR, SOC 2/3 and more. The Compliance CloudTM includes true client isolation, encryption in transit and at rest, private VLANs, firewalls and dozens of other security measures.

 
 
What Our Clients Say
  • "The people that Evolve IP are more personable; you don't feel like there's necessarily a script when you're talking with them, they’re easy to understand, quick to get a hold of, and they follow through on what they say they're going to do."

    Watch Testimonial

  • "Evolve IP has been a vendor partner that has grown with us, that has helped us, and that you know stands by us and stands by their word."

    Watch Testimonial

  • "I was a bit of skeptical because I've been told that by sales guys before...but you've all came through on every one of their promises and not only that, but even throughout our subsequent years of working with us as partners, you’ve stepped up to the plate whenever we needed something and provided a helping hand"

    Watch Testimonial

  • "…we were assigned a project manager for our implementation they weren't just force-feeding one process down. they listened, they work with us, they adjusted schedules and they held our hand every step of the way…"

    Watch Testimonial

  • We have been Evolve DaaS clients for just about 2 years. What execs really need to know is how much productivity DaaS brings to an organization. We have estimated that each employee saves 10 minutes a day in startup and shutdown time. Probably another 5 minutes a day in work from home productivity - i.e. more likely to log in from their home PC than if they had to carry a laptop home every night and no clunky VPN or Citrix session to dissuade them from getting on.

    So, 15 minutes a day, that is 3% of their day back. 3% of an $80,000 a year employee is $2,500.

    DaaS has a 300% return, with no capital at risk. That is what I would tell your execs. Feel free to ask questions.

    Best!

    Steve Murphey, Vice President

What the Experts Think

Our analyst-acclaimed solutions are built on a world-class, compliant architecture that leverages the blue-chip technologies organizations already know and trust.

Gartner

We deploy best-of-breed solutions including: Disaster Recovery, Contact Center, Unified Communications, DaaS, IaaS. Our services are analyst-acclaimed, vendor-validated, client recommended and award-winning.

HITRUST

Evolve IP is proud to have achieved the honor of being HITRUST CSF certified! Certification to the HITRUST Common Security Framework (CSF) affirms that all of Evolve IP’s cloud computing and cloud communications services adhere to the strictest security standards for electronic protected health information (PHI). The HITRUST security standard was developed by and for the healthcare industry as a means of going above and beyond the compliance requirements of HIPAA.

The HITRUST Common Security Framework (CSF) was developed to address the multitude of security, privacy and regulatory challenges facing healthcare organizations. The HITRUST CSF was developed by healthcare and IT professionals to provide an efficient and prescriptive framework for managing the security requirements inherent in HIPAA. HITRUST CSF rationalizes healthcare-relevant regulations and standards into a single overarching security framework. An important part of the “What is HITRUST” answer is understanding that the CSF is risk-based and compliance-based so that organizations can tailor the security control baselines and vendor management programs that they follow based on their specific organization type, size, systems, and regulatory requirements.

HIPPA

The Privacy regulations of the U.S. Health Insurance Portability and Accountability Act (HIPAA) require health care providers, organizations, and their business associates, develop and follow procedures that ensure the confidentiality and security of protected health information (PHI) when it is transferred, received, handled, or shared. This applies to all forms of PHI — paper, oral, and electronic, etc. Those who fail to adhere to HIPAA can suffer from huge fines climbing into the millions of dollars for major violations.

The Compliance Cloud™ fully enables covered entities and their business associates subject to HIPAA regulations to leverage a secure environment to process, maintain, and store protected health Information (PHI) featuring among other controls.

SSAW 16 Service Organization Control II (SOC 2)

Evolve IP has received an SSAE 16 SOC 2 Type II report on our internal controls relating to how we assess and address the potential risks associated with the security, availability, and confidentiality of not only the cloud-based services that we provide, but also our physical and logical infrastructure. Evolve IP utilizes the Certified Public Accounting firm of Grant Thornton to perform its annual audit and attestation in accordance with the Statements on Standards for Attestation Engagements No. 16 and the associated Trust Services Principles, as published by the AICPA, to evaluate the effectiveness of Evolve IP’s service organizations controls.

Forbes

While Forbes regularly features coverage and recognition about Evolve IP, they've most recently recognized Evolve IP as being the "Best Cloud Computing Companies And CEOs To Work For In 2017".  They've ranked Evolve IP in the Top 3 just behind Google and Microsoft in the Cloud Infrastructure classification.  (Feb 2017). Forbes  also recently recognizes Evolve IP for bringing Singer Equipment Corporation, a mainstream business based in PA, into the cloud by means of unified communication. (Sept  2017). Last year, Forbes recognized Evolve IP's survey of 1,080 executives citing that the number one reason to go to the cloud is the same reason that it is avoided. (Mar 2016).

Unified Communications Product of the Year

TMC and Internet Telephony Magazine have named Evolve IP’s unified communications platform as a 2017 Unified Communications Product of the Year Award winner. This marks the 6th time Evolve IP has been honored with this prestigious award and follows a series of product innovations that have allowed the company to rapidly expand its international coverage.

Evolve IP’s business collaboration tools and IP phone system dramatically improve employee productivity in the office and on the road with a Unified Communications as a Service (UCaaS) platform that fully integrates voice, video, instant messaging & presence (IM&P), desktop sharing, audio/web conferencing and more. The company also provides a sophisticated Web-based management portal, OSSmosis®, that allows administrators to easily configure system functions and quickly modify users without the need to reach out to a third party for changes.

Inc.

Inc. magazine has recognized Evolve IP in the 34th annual Inc. 500|5000, an exclusive listing of the nation's fastest-growing private companies. The list will be unveiled in the September issue of Inc.

The story of this year's Inc. 5000 is the story of great leadership. In an incredibly competitive business landscape, it takes something extraordinary to take your company to the top," says Inc. President and Editor-In-Chief Eric Schurenberg. "You have to remember that the average company on the Inc. 5000 grew nearly six-fold since 2012. Business owners don't achieve that kind of success by accident.

Payment Card Industry Data Security Standard (PCI DSS)

Evolve IP has achieved Payment Card Industry (PCI) Data Security Standard (DSS) compliance covering all 12 sections of the PCI DSS. The PCI data security standard is a comprehensive set of standards that require merchants and service providers that store, process, or transmit customer payment card data to adhere to strict information security controls and processes. It was created by the founding brands of the PCI Security Standards Council, which includes American Express, Discover Financial, JCB International, MasterCard Worldwide, and Visa Inc.

CSA STAR

Evolve IP is also a registered and participating member of the CSA Security, Trust & Assurance Registry (STAR). The CSA was formed to encourage transparency of security practices within cloud providers. It is a free, publicly accessible registry that documents the security controls provided by various cloud computing offerings, thereby helping users assess the security of cloud providers they currently use or are considering contracting with. CSA STAR is open to all cloud providers, and allows them to submit assessment reports that document compliance to CSA published best practices. The searchable registry will allow potential cloud customers to review the security practices of providers, accelerating their due diligence and leading to higher quality procurement experiences. CSA STAR represents a major leap forward in industry transparency, encouraging providers to make security capabilities a market differentiator.

Deloitte’s Technology Fast 500TM

Evolve IP has been ranked for the second consecutive year on Deloitte’s Technology Fast 500™, a ranking of the 500 fastest growing technology, media, telecommunications, life sciences and energy tech companies in North America – both public and private. Technology Fast 500 award winners are selected based on percentage fiscal year revenue growth from 2012 to 2015. The list is a veritable Who’s Who of technology that has included tech companies like Google, VMware and Facebook.

Technology Fast 500 provides a ranking of the fastest growing technology, life sciences, and energy the companies – both public and private – in North America. Technology Fast 500 award winners are selected based on percentage fiscal year revenue growth during the period from 2012 – 2016.

Red Herring

Red Herring has named Evolve IP as one of the Top 100 Companies in North America.  Red Herring’s Top 100 recognizes the leading and most promising private companies from around the world. Among the over 20 criteria used to analyze companies for the award, Evolve IP was noted for its financial performance, technological innovation, customer footprint, the DNA of its founders and addressable market.

Red Herring selects the award winners for North America from approximately 1,200 privately financed companies each year in the US and Canada. Since 1996, Red Herring has kept tabs on these organizations and its editors were among the first to recognize that companies such as Facebook, Twitter, Google, Yahoo, Skype, Salesforce.com, YouTube, Palo Alto Networks and eBay would change the way we live and work.

Entrepreneur

Evolve IP has been recognized as one of the “Best Entrepreneurial Companies in America” in Entrepreneur magazine’s Entrepreneur360™ Performance Index, a study involving a comprehensive analysis of private companies in America. Based on this study forged by Entrepreneur, Evolve IP is recognized as a company that exemplifies growth, not just in top and bottom line, but in sustainability and the ability to achieve lasting success.

According to Entrepreneur, after evaluating approximately 10,000 U.S. based firms, the team of editors and researchers behind the E360 Performance Index collected more than 250 pieces of data from the finalists, focusing on growth drivers and challenges, goal setting, resource allocations, and reward systems. The analysis uncovered a class of leading companies, including Evolve IP, whose continued success is largely based on superior value creation for their customers, building an adaptive learning culture, and aggressive geographic expansion—placing them amongst the most dynamic firms in America today.

Latest Press Releases

M24Seven Confirms Strategic Partnership in the United Kingdom with thevoicefactory – an Evolve IP Company
May 17, 2018 / Evolve IP
Increasing Focus on Retail and Leisure Vertical Markets WAYNE, Pa.—May 17, 2018—Evolve IP®, The Cloud Strategy Company™, today announced that M24Seven, one of the United Kingdom’s fastest-growing connectivity and internet…
2018 Top Technology Employers
May 2, 2018 / Evolve IP
The Philadelphia Business Journal named Evolve IP as one of the region's Top 10 Technology Employers! The 2018 List of Tech employers includes 27,065 local employees and 11,600 local technology employees…
Great Places to Work around the Main Line
April 27, 2018 / Evolve IP
Main Line Today highlights Evolve IP as one of the 14 great places to work around the Main Line! MLT credits Evolve IP with its cool open workspace for execs,…
Evolve IP Acquires Leading UK Cloud Communications Provider thevoicefactory Ltd.
April 18, 2018 / Evolve IP
Expands Global Presence and Distribution Capabilities, Deepens Vertical Presence in Hospitality, Automotive, Finance and Legal Industries WAYNE, Pa.—April 18, 2018—Evolve IP®, The Cloud Strategy Company™, today announced that it has…
View More
close

Contact Us

or Call 1.877.459.4347