• About InfoGard

  The Company

  • Overview
  • What We Do
  • Credentials
  • Independent Third Party
  • Careers
  • Contact Us

  Clients

  • Our Customers
  • Customer Testimonials

  Management Team

  • Company Management
  • Company Advisors
• Sectors We Serve

  Healthcare IT

  • EHR Testing & Certification
  • ONC-ATCB Certification
  • Hospital EHR Certification
  • Hospital Meaningful Use Incentive Payment Security Risk Analysis
  • Electronic Prescriptions for Controlled Substances (EPCS)
  • HIPAA Security & Privacy Assessments
  • SecureEHR
  • Breach Safe Harbor Certification
  • CalHIPSO
  • Penetration Test Services for Healthcare
  • Healthcare Vulnerability Scan Service
  • Medical Device Validation
  • Services for Security Technology Vendors
  • Healthcare Security and Privacy Offerings

  Federally Mandated Security

  • FIPS 140-2
  • Common Criteria Validation
  • Postal Systems
  • FIPS 201 (NPIVP) Card Command Validation

  Financial Services

  • Hardware Security Module
  • PCI Pin Entry Device Security
  • PCI Approved Scanning Vendor Validation
  • MasterCard PTS
  • Australian Payments Clearing Association
• Problems We Solve

  Problems We Solve

  • Healthcare
  • Smart Card/ID
  • Financial Industry
  • Federal Government

  Security Technology

  • Cryptographic Knowledge
  • Comprehensive Network Assessments
  • System Security Assessments
  • Compliance Assessments
  • FIPS 140-2
• Blog, News, & Events
  • Blog
  • Conferences
  • News
• Resources

  Resources by Sectors

  • Federally Mandated Security
  • Financial Services
  • Healthcare IT

  General Resources

  • Network Security Assessment
  • GSA Schedule
  • FAQ About EHR & HHS Safe Harbor Certification
  • Meaningful Use & Certification
  • About Breach Safe Harbor
  • Useful Links

Healthcare Vulnerability Scanning Services

Home > Healthcare Information Technology > Healthcare Vulnerability Scan Services

The Health Information Portability and Accountability Act (HIPAA) Security Rule requires that Healthcare providers:

[C]onduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of electronic protected health information held by the covered entity.

This HIPAA requirement is also referenced by the U.S. Department of Health and Human Services (HHS) Office of the National Coordinator (ONC) criteria for healthcare providers wishing to receive Meaningful Use incentive funds.

Automated Vulnerability Scanning is a very effective and efficient Risk Assessment procedure for determining system vulnerabilities. This Assessment method uses automated tools to examine a system through one or more network connections. Scans are typically performed from various vantage points, such as the Internet, that potential attackers might use to attempt to access the target system.

The results of a Vulnerability Scan are analyzed by Network Security experts to identify false positives and to rank vulnerabilities according to severity. The resulting report can then be used for remediation planning. Once corrective actions have been completed, additional, abbreviated scanning is typically performed to provide evidence that successful remediation is in place.

InfoGard has broad experience conducting and assessing Automated Vulnerability Scan Tests. In our role as the validator for the Payment Card Industry’s (PCI) Automated Scan Vendors (ASVs), we regularly assess the capabilities of leading providers of Vulnerability Scan services and provide scanning services to other industries, including Healthcare.

To avoid any perceived conflicts of interest associated with this work, we do not provide Vulnerability Scanning Assessment Services to the Financial Services industry.

InfoGard offers a broad range of Automated Vulnerability Scanning related services, including:

• Training in the configuration, use, and interpretation of results produced by automated scan tools.
• Internal and external Vulnerability Scan Testing
• Remediation planning and management (In principle, remediation activities should not be conducted by those performing the Vulnerability Scan Testing)
• Verification of remediation

If you would like to know more about how InfoGard’s expertise with Automated Vulnerability Scan Testing can be used to facilitate HIPAA Security Rule and ONC Meaningful Use required Security Risk Assessments, please contact us at: 805.783.0810 or use our Contact Form.