IT / Cyber Security

Information Technology (IT) supports almost all clinical and financial processes in a Healthcare provider environment and it is important that controls are in place to provide confidentiality, integrity, and availability of IT systems and data. In addition, since hospitals are making significant investments in Healthcare IT to implement Electronic Medical Records and achieve “meaningful use” according to the American Recovery and Reinvestment Act of 2009, it is critical that IT resources and projects be effectively managed.

CHAN Healthcare’s Information Technology audit team is composed of professionals with extensive experience in auditing automated systems and processes in the healthcare provider environment, from large healthcare delivery networks to critical access hospitals.  

Assessing IT Risk
CHAN Healthcare uses a risk management based audit approach in performing IT Audits.  We start by gaining an understanding of the organization and IT environment. The audits we perform and the scope of those audits is based on the organization’s goals and risks.  Our IT auditors focus on assessing whether appropriate controls are in place to reduce the risks associated with using IT systems to perform critical processes. We use proven methods, based on industry accepted control frameworks, to assess IT risks.

IT Audit Services
CHAN Healthcare provides a wide range of IT Audit Services. Some examples of IT Audits regularly performed by CHAN Healthcare include:

IT Application Reviews

  • Electronic medical record
  • Picture archiving and communication system (PACS)
  • Surgery information system
  • ERP system

IT General Control Reviews

  • Security administration
  • Backup and recovery
  • Data center controls
  • IT Management
  • Management of third-party services (IT Outsourcing)
  • System acquisition and implementation
  • IT Compliance (e.g., HIPAA)

Cybersecurity and IT Consulting Services - CHAN Healthcare offers a unique solution for specialized healthcare Information Technology (IT) services, including: