Selected Customer References
U.S.
Department of Defense – Military’s Health Information System
Infrastructure
For the
For more than 5 years, the Cipher
Communications, Inc. MHS has contracted BCA and Cipher
Communications, Inc. to conduct certification and accreditation of its
contractor systems. During that time, BCA and Cipher have successfully
led certification efforts for information systems at more than 200 sites across
the nation. Closely partnering with the
MHS and its contractor sites and employing state-of-the-art security
technologies and tools, our team has carried out rigorous reviews, including
vulnerability scans and physical security assessments, and assisted with
implementing and verifying mitigations.
Today, the MHS is regarded as an industry leader in Information
Assurance.
Cipher performed an
audit/assessment of the UIC College of Medicine (UIC-COM) fourteen (14) medical
units systems that are used to store electronic patient health information (ePHI) using secure and industry accepted methodologies to
ensure that the UIC-COM is configured using industry best practices to identify
risk and vulnerabilities to external intrusions. Cipher reviewed UIC-COM
unit’s policies and standard operating procedures as they relate to the
HIPAA Privacy and Security Rules. Cipher provided UIC-COM with the following
services:
·
Audited of ePHI systems;
·
Reviewed
unit’s data backup and restoration procedures;
·
Compared the
security levels of the ePHI systems to industry
standards;
·
Provided a
detailed report listing all identified vulnerabilities ranked by severity;
·
Developed an
improvement plan for implementing solutions to overcome the gaps found;
·
Developed
prioritized list of recommended remedial procedures; and
·
Identified
specific areas for improvement and the relative value of improvements for each
recommended change
Cipher provides support for the Citywide
IT Security Program (CWITS) for the HIPAA Privacy and Security Implementation
Projects for the
·
Program Management of the current HIPAA security contractors
to the standards of the HIPAA contract and the internal program management
standards of OCTO.
·
Developed HIPAA assessment, the network vulnerability assessment,
and the risk assessment, the business impact analysis, and the mitigation plan.
·
Implementation of the mitigation plan tasks in all agencies
for those standards and specifications that OCTO is responsible to maintain.
·
Verification and coordination of agency implementation of the
mitigation plan tasks for those agencies conducting their own implementation.
·
Conducted an audit of the full HIPAA Security Rule
implementation to verify that it satisfies the objectives above and the
detailed specifications identified in the law.
·
Prepared a work plan to accomplish the more costly elements
of the security rule, and produce a financial plan to accomplish those
standards.
Chicago,
Cook County Treasurer’s Office – IT Security Assessment
Cipher conducted
an Information Security Assessment for the Cook County Treasurer’s
Office. The
Cook County Treasurer’s Office manages over $8 billion in property tax collections for the County. The Office is connected to the rest of the
County through the Cook County Network, managed by the Cook County IT
department. The Office also distributes
the tax funds to approximately 1,600 governmental agencies that have the
jurisdiction to collect taxes. Cipher evaluated the existing internal controls
over information technology, including hardware, software, operating systems,
and networks. A network penetration and
vulnerability scan was conducted and the results were included in the final
report.
Cipher prepared a detailed report identifying
vulnerabilities and security weaknesses within the Office. Cipher provided a solution of heightened
knowledge and awareness of the potential vulnerabilities and exposures
associated with the Cook County WAN and a means to protect the Treasurer’s
Office.