Security and Risk Management

Industry-leading expertise to help you lower risk and build resiliency

Impact Advisors Earns Best in KLAS: Security & Privacy Consulting Services for 2023

The Best in KLAS Security & Privacy Consulting Services designation is awarded to firms who help organizations assess, enhance, and develop security and privacy programs through technical or advisory work, which should result in a more secure and private environment. Services include security risk assessment, HIPAA privacy assessment, virtual/interim CISO, and penetration, vulnerability, network web application, and security testing.

Impact Advisors received a score of 99.5 for Security & Privacy Consulting Services.

Ensuring Business Resilience

Cybersecurity-related healthcare incidents continue to be on the rise, stressing organizations’ financial stability and threatening patient safety. It’s no longer a matter of if but a matter of when. Is your organization prepared? This brief video shares a few ideas to help as you plan to improve business resiliency.

Challenges

Our team of healthcare security experts can help your organization improve compliance, identify risks, develop remediation plans, benchmark security posture, and track maturity improvement. Typical challenges we help address include:

Value Delivered

Business resilience

Threats will continue. Our objective is to fortify your defenses, reduce your risk, and put compliant procedures in place to lessen the impact of intrusions.

Regulatory compliance

Our guidance adheres to HIPAA security and privacy rules, HICP, NIST, SCF, and new regulations like the anticipated Healthcare Cybersecurity Act of 2024.

20%+ cost savings

Security application rationalization reduces cost, drives simplification, eliminates redundancy, and improves overall security effectiveness.

Experienced security leadership

Several of our experts have worked in CISO roles for healthcare organizations and are prepared to deliver that expertise to your organization virtually and cost-effectively.

Better security education and awareness

Improving organizational knowledge about safety and security and keeping staff well-informed of healthcare data security policy changes is critical to maintaining an impenetrable front line.

Improved operational efficiency

Safeguarding patient health information is an optimizable process. Our proven framework is designed to streamline and accelerate your team’s efforts.

Health information security pressures continue to increase. Cybercriminals are not only trying to infiltrate hospitals and health systems directly, they are also gaining access by targeting providers’ business partners.

How We Deliver Value

Impact Advisors offers a portfolio of security and privacy services designed to meet you where you are and get you where you need to be. From as-needed expert guidance to embedded, interim leadership to manage day-to-day, we partner with health organizations to assess current capabilities, define or validate objectives, and achieve them at a pace that makes sense for your organization.

Security Strategy and Advisory Services

Expert guidance when you need it to validate security direction, set goals, analyze current security posture, define an actionable plan, or provide education and awareness to business and IT executives on proactive safeguarding procedures.

Interim and Virtual CISO Services

Experienced, executive-level security professionals who will seamlessly lead your security program, initiatives, and teams until a permanent and suitable candidate is identified.

Security Risk Assessments (SRA)

An evaluation of your organization’s risk tolerance and current security and compliance policies, controls, and activities. Building on the NIST Cybersecurity Framework (CSF) and other industry standard models, we identify weaknesses or gaps and offer pragmatic recommendations to shore up your defenses.

Security Program Assessment and Security Office Development

A thorough review of your organization’s current security program (people, process, and technology) or posture, delivering a clear understanding of strengths and opportunities for improvement, along with an actionable, prioritized roadmap for advancing the maturity of your security program, teams and leadership over time.

Regulatory Compliance

Impact Advisors provides strategic and advisory services associated with the various rules, standards, and regulations applicable to providers and healthcare organizations including 21^st Century Cures, Interoperability and Patient Access, Physician Fee Schedule (PFS), Outpatient Prospective Payment System (OPPS), Inpatient Prospective Payment System (IPPS), Stark and Anti-Kickback Statue (AKS), TEFCA, No Surprises Act, etc. We also offer governance and implementation assistance associated with various aspects of these rules including MIPS/MACRA, Information Blocking, EHI Sharing, EHI Export, Price Transparency, HL7, RESTful and FHIR API, OAuth, etc.

Related Services

Disaster Recovery & Business Continuity

IT Optimization & Modernization

Data & AI

Strong Stories.

Detailed Experiences.

Case Studies.

Impact Advisors helped an integrated health system develop an information security vision, attain attestation of their Information Security Program, and move to a more mature stage (increased CMMI score 14 points across 23 categories), enabling improvement of their organization-wide security awareness and reduction of overall security risk.

14-Point

increase in CMMI score

A large medical group’s decision to insource its back-end revenue cycle functions and simultaneously standardize and optimize denials management and patient collections generated margin improvement beyond expectations.

$14M

Realized Savings

Impact Advisors helped Oregon State Hospital implement a “best practice” Revenue Cycle. Results of the engagement include a 477% increase in average monthly cash collections.

477%

Increase in Collections

When an integrated network of 18 hospitals, more than 40 outpatient health centers, and 200 physician offices prepared to implement an updated EHR, Impact Advisors supported the consolidation and standardization of the Charge Description Master and Charge Generation Tracker.

12

CDMs Consolidated

To establish trust and draw Operational and IT teams together toward a shared set of objectives, Impact Advisors’ experts leveraged prior experience working in revenue cycle leadership roles, lessons learned delivering engagements at similar organizations, and design/build expertise with the client’s EHR platform.

$107M

in Cash Achieved in a Single Month

Our work with a large network of dermatology clinics led to a $4.6 million increase in revenue and a more than 10% increase in volume of patients seen.

10%

Increase in Volume of Patients Seen

Mike Garzone – Security & Business Resilience Practice Lead

Mike is an accomplished healthcare consulting executive. During his career of over 30 years, he has developed and managed large, multidiscipline teams delivering enterprise-scale solutions for application integration, information management, enterprise resource planning, and advanced infrastructure.

Marc Johnson – Security & Risk Management Expert

Marc is a performance-driven, C-level information security leader with a long history of driving complex, enterprise-scale technology security programs envisioning to value realization. a proven track record of building and guiding diverse teams toward actionable goals (PCI, HIPAA, GLBA, etc.) and results.