4 Pillars IT Security Assessment - HIPAA

Did You Know That Your Medical Practice Is
Required By Law To Comply With HIPAA?

One of our local medical practices here in Raleigh, NC just lost $750,000. Are you next?

Are You Secure?

If you haven't done our assessment, you're at risk!

  • Click to set up an appointment today! Learn how much your Medical practice is at risk.
  • FREE HIPAA Review Call to determine if your Medical practice is at risk from hefty HIPAA fines.
  • Identify common mistakes most Medical practices make that could cause non-compliance and huge fines, and what to do about them.
  • Identify potential costs for not complying with HIPAA.
  • Discuss any HIPAA security issues, ongoing problems or concerns you have with HIPAA and/or technology.

Yes, I'd like to jump on a call with you to see if I'm HIPAA compliant.

100% Privacy Guaranteed.

Sign-up Today! Only 7 Spots Left.

Client Testimonials

Just appearing to be unnecessarily vulnerable by the OCR can be catastrophic

Given the very technical nature of this field, and its constantly changing methods of threat, it becomes very obvious that direct help from Craig and his team is the best solution for most of us.

-Surgeon in NC

A Must For Any Practice

The Four Pillars Security Risk Assessment gave me all of the information I needed to make informed decisions on how to secure my practice.

-Attorney in Raleigh, NC

Highly Recommended!

I have worked with Petronella to implement EMR (Electronic Medical Records) in the Durham, NC area. He is extremely professional and very knowledgeable.

-EMR Solutions Provider

Craig Petronella, World's Foremost Expert on HIPAA AND Cybersecurity, has authored multiple books, including How HIPAA Can Crush Your Medical Practice and Peace of Mind Computer Support. He has spent thirty years advising clients and protecting computer information. Craig makes sure your Medical practice network works when you need it the most, and is a celebrity in his field and hometown.

Craig is frequently quoted in the local Raleigh news and appears on local TV news for his expertise in protecting local businesses and medical practice owners from hackers halfway around the world in places such as Ukraine, Russia, and China. Petronella has been quoted and featured on ABC News North Carolina, CBS News North Carolina, NBC WNCN, Raleigh & Charlotte, NC Time Warner Cable News, PRNews Wire, and Newsobserver.com.

“Most Medical Practices, Covered Entities and Business Associates that need to be HIPAA compliant are so busy being successful they don't have time to really assess their Four Pillars of IT Success (100% Uptime, Security, Applications, and Collaboration).

The consequences of NOT being HIPAA compliant can crush a Medical practice, putting them out of business. The hefty fines of $50,000 or more per infraction can skyrocket fast.

Raleigh Orthopaedic in Raleigh, NC recently had to pay $750,000 for a HIPAA violation.

We have found that if you do an in-depth analysis of your Four Pillars you will uncover factors that will allow you to save $100,000 (or more) in potential HIPAA fines, while increasing efficiency and minimizing risk of failure and unnecessary downtime.”

Amazon #1 Best Selling Author:
How HIPAA Can Crush Your Medical Practice

Top 3 Complaints We Hear From Medical Practices About Their Computer Support Teams

Lack of Response

When your network goes down or is experiencing a problem, it brings your entire firm to a screeching halt. With the fast pace of business today, you can't afford to be waiting around for your IT specialist to call you back or show up to fix your problems. 

We believe that you shouldn't have to wait to talk to someone, but MOST importantly, your IT specialist should be PREVENTING these problems from occurring in the first place.

Poor Communication and Service

Doctors put up with arrogant technicians who talk over your head and provide little or no communication on the status of your requests. A BIG issue many business owners have with their IT professional is poor communication skills. We believe that good communication is customer service 101. If other IT companies can't get THIS right, how can you possibly trust them to be organized enough to manage your computer network?

Never Quite Get Everything Working

Maybe you've experienced this yourself? You hire a so-called computer expert to support your network, only to discover that every time they "solve" a problem, two more seem to crop up. Or the problem they were supposed to have solved keeps coming back time and again. Then, to add insult to injury, they don't check their work and keep charging you to come back and repair the same issues, or they blame your software/hardware or some other external reason and tell you that it CAN'T be fixed.

Important Policies and Procedures Required by HIPAA

You Need a Business Associate Agreement (BAA) In Addition to:

  • Written Information Security Policy
  • Disaster Recovery Plan
  • Sanction Policy
  • Emergency Operations Policy
  • Network Security Policy
  • Access Control Policy
  • Computer Use Policy
  • Equipment Disposal Policy
  • Termination Policy
  • Security Incident Response
  • Facility Security Plan
  • BYOD Policy

Our Biggest Concern When Assessing the Environment of a New Practice is Finding a Ticking Time Bomb

It's Better to Find Them Yourself Instead of Having Them Found by a HIPAA Compliance Review.

It all started with a little clicking sound. 

Tick. Tick. Tick

Barely noticeable, really. Mildly annoying but easy to ignore. And it was only on one PC. No biggie, right?

Tock. Tock. Tock 

Joe, the owner of the company, heard the clicking but didn't know what it was. And Joe's IT guy, James, only worked part time. And when James was in the office, he had bigger fires to put out, more pressing projects to work on. 

So Joe ignored it.

Tick. Tick.

 As best he could.

But then it happened. Tick, tick...BOOM! 

All server information lost in the blink of an eye. Or should I say the tick of a hard drive?

Cost to repair: $12,500

Lost time: $27,500

Total: $41,000

We Specialize in Finding the Time Bombs and Leveraging Patented Security and Compliance Solutions That Exceed HIPAA Requirements To Keep Your Practice Safe.

This situation could have been avoided with our Four Pillars HIPAA Security Risk Assessment and our patented solutions. Petronella Technology Group, Inc. leverages the world's best, patented technologies to assess the security, compliance, policies and procedures of your Medical practice. We test the effectiveness of your current maintenance and disaster plan and then develop a customized prescription that covers everything a practice needs to do to become HIPAA compliant.  We then develop a treatment plan for ongoing managed security services to make sure your practice stays safe and in alignment with HIPAA, security and compliance.

Our metrics show that existing Medical practices can expect to see a 25-200% increase in productivity and a 27% reduction in downtime and lost hours over the next 12 months by implementing our solutions, while larger practices often experience double these metrics.

Additionally, with our patented technologies we can find AOHOs (Areas Of Highest Opportunities) where you can save $100,000 (or MORE).

  • Would you like to know if you have any ticking time bombs in your computers, network or servers?
  • Would you like to stop worrying about the latest ransomware malware or virus attacks that are crippling hospitals and medical practices and instead focus on growing your Medical practice?
  • Did you know that one innocuous USB stick can cost you millions of dollars in federal fines for breaching HIPAA?

Would you like to gain crystal clear clarity about the state of your servers and network and what to do if there are problems?

The first step is an analysis of the Four Pillars: 100% Uptime, Security, Applications, and Collaboration. I use this study to benchmark where you are today with your Four Pillars of IT Success and to assist me in discovering where your AOHOs (Areas Of Highest Opportunities) are.

With all the tools available for improving your IT – computers, servers, networks, cabling, backup servers, software, firewalls, malware & virus protection, and recent advances in cloud computing – there has never been a better time to completely streamline your operations and eliminate IT issues while ensuring you have the latest technology, and having all this while reducing operating expenses.

The problem most Medical practices have is they are so busy being successful that they don’t have time to keep abreast of everything. And did you know that for the same price as a part-time IT consultant you can have the equivalent of a complete, highly advanced and skilled IT department working for you?

Case in point, one Medical practice client got burned to the tune of $20,000 to remove a new deadly ransomware malware, restore their network and get back up and running. Another client has not had any downtime and SAVED $334,000. One is very successful, the other is failing. What is the difference? The one who is successful intimately understands their Four Pillars of IT Success (plus they allowed us to help them.)

What Is Involved?

“Every system has a failure rate or MTBF – Mean Time Between Failure – and every system will fail. Since every system will fail it is vital to your success that you know and understand this and have a solid backup and maintenance plan in place. Additionally, in every practice there are hidden opportunities screaming to be found in their computer and server system. If you can find these, then you can add 6 figures in savings which goes directly to your bottom line.” ~ Craig Petronella

First, I review your strategy, computers and servers, help you understand your MTBF, data backup & disaster recovery, security, wiring, power connections and opportunities, etc. I look at your hardware and software and cabling. I am looking for your AOHOs – Areas Of Highest Opportunities. If (and this is an important IF) you have a reasonably good IT and network system, I usually can identify 10 factors which will improve your security and increase your uptime and profitability. And of these 10 factors, there are usually 3-4 AOHO’s that will make major improvements in your top and bottom lines. 

Did you know that every system and piece of hardware has a failure rate? It’s called the MTBF – Mean Time Between Failures. Do you know what your MTBF is? Since EVERY system has a failure rate, do you have a backup plan in place? Do you have an SSD (solid-state drive) or a mechanical drive? Has the platter failed or been physically damaged or scratched? Do you know if your hard drive has gone down? Has someone ever fixed your computer or server? (Most people have.) Did they use a ground strap? Do you KNOW that they did? Your system will know. Most systems have failed and gone down without anyone knowing. Do you want to know IF your system has failed and gone down? Do you want to know if you are at risk? And if you are at risk, do you want to know how much so you can have a plan in place?

Here are some of the big problems we look for and assess during our analysis:

  • Neglected computers, neglected servers – Software updates come out every week and most small Medical practices don’t think they need them. If you don’t install them, it will eventually lead to downtime and a failure. If you don’t do patches you will get hacked. If you don’t do maintenance you’re going to crash. If you don’t keep the system clean it will overheat, and the same goes for the server. If you’re not on top of the hard drive it will fill up and run out of space. Same thing with a server. For example, make sure you have the latest Java version. The server hosts everything for your company. For example, if a 10-user company’s server goes down, 10 people can’t work and can’t access client files. The cost is salary per hour x number of employees.
  • Data backup & disaster recovery – Most companies think they have a good system but when we audit them we find that they don’t. If your building burned down today, could you recover? If you were to experience a failure, could you recover? Do you have pictures of your kids on your computer? One woman had 30,000 pictures of her kids, friends, family, trips and cherished moments collected over the years. If she experienced a crash, she could likely lose all of them. Do you want to lose all those pictures and memories? Same with all your important documents.
  • Security – Inadequate firewall protection, viruses, missing security updates and performance patches, and no network monitoring (to proactively detect failure and downtime). Virus infections leave you susceptible to hacking and slow performance.
  • Wiring – The wrong wiring could be causing your network to go down.
  • Power protection – 8/10 businesses do NOT have the proper power protection. Did you know there are 9 Power Problems that can harm your computers and corrupt your data? The risks of not having proper power protection lead to data loss and corruption. If a critical operating system file becomes corrupt, the system will no longer boot properly, ultimately leading to a crash and inability to work. For example, a copier sharing the same circuit as the server causes the server to shut down unexpectedly, causing critical files 10 employees were collaborating on to be lost forever because last night's backup started at 10pm. All work from 10pm to the time of the crash is gone. Does your server have a dedicated power outlet? Are you protected from all 9 Power Problems?
  • Opportunities – Cloud services that could save your Medical practice 50% or more on IT services. Most 10 employee companies can save $100,000.00 in just 5 years. The savings don’t stop here. This savings continues on to increase your bottom line profits. In many cases, this is the equivalent to adding 1 Million in Gross Revenue Sales. How much can your Medical practice save? 

Plus, it doesn’t stop there. We will:

  • Identify any IT warning signs that currently exist in your Medical practice environment.
  • Map out a prescription to address those warning signs.
  • Provide you with a “treatment plan” for an IT solution that will assist in your company's business goals and catch any problems before they become disasters.
  • Diagnose any ongoing problems or concerns you have with the computers on your network. 
  • Scan for hidden malware, ransomware, viruses, spyware and loopholes in your network security that could allow hackers and other cybercriminals to access your confidential information and cause a HIPAA breach. 
  • Check your system backups to make sure they are not corrupted and can be recovered in case of an emergency. 
  • Review your network configuration and peripheral devices to ensure that you are getting the maximum performance and speed from your machines. 
  • Review your server file logs to look for looming problems or conflicts that can cause unexpected downtime. 
  • Check that all security updates and patches are in place.

We’re not looking for challenges. 

There are enough challenges in life without seeking them in your Medical practice. Our goal is to simplify things. To determine where you should be focusing your effort. To make it like shooting a big flopping fish in the bottom of a barrel with a bazooka! Would you like to know the top 3-4 AOHO’s that are putting you at unnecessary risk? Would you like to know how to save $100,000 or more in potential fines from non-compliance with HIPAA?

If you allow me to analyze your Four Pillars of IT Success, I will uncover the critical factors holding you back from having peace of mind that your system is not at risk. Using our patented technologies and highly skilled engineers, we can compare your Four Pillars to the industry norms for other Medical practices. Would you like to know how your practice stacks up to other Medical practices? Would you like to know how your competitors are running their operations? Would you like to know if there are holes and inefficiencies in your system and Four Pillars? And if I discover there are holes, would you like to know where they are and how to fix them so you don’t lose any business or downtime due to equipment failure or sneaky viruses? For an investment that is a fraction of the cost of the potential HIPAA compliance violations, I will devote 1-3 weeks of my time to do this analysis. Why? Because I am confident, based on my track record, I can find AOHOs that will make you want to use my services. Right now, there is no way I can know what this study will yield. As you can imagine, this small fee does not compensate me for my time or expertise, but I am willing to do the initial Phase I, Four Pillar analysis as an investment in our long-term partnership to increase your business.

“Everyone Tells You Different Things, It’s So Confusing!”

“Ugh. I Wish I Did This Earlier!”

… this is a comment a client recently made to me AFTER he had spent $15,000 in hard-core data recovery services, had 216 hours of downtime, $25,000 in services to stabilize their network and untold headaches and hair pulling. This could have been avoided by our Four Pillars Security Risk Assessment.

Here's an Example of What Can Happen

Local Doctor Takes Ransomware Malware Lightly and Spends $20,000 Just to Get Back to Square One

A local Doctor with multiple locations discovered the importance of preventative maintenance the hard way.

Their IT guy was part-time. He was the owner's brother, who ran around fixing PC problems as they cropped up.

Everything was going along fine...or so they thought. One PC became infected when a user clicked on a phishing email link from someone she thought was a friend. The malware started by attacking her computer first: uncontrollable pop-ups, and a CPU spiked to 100% that made it impossible to run any commands or programs. She was forced to shut down the PC, and when she rebooted, it would no longer load into the operating system.

This nasty little leech started replicating and attaching itself to files.

  • The ransomware malware encrypted their data, causing important files to become inaccessible by the staff of 50 users.
  • The ransomware malware impaired their electronic health records (EHR) system, making it a nightmare to pull up simple customer records.
  • It immediately brought down their Microsoft Exchange email server, meaning no e-mail could come in or go out!

Total medical practice meltdown. All of a sudden it was like they were back in 1985, relying on phone calls and paper forms for everything!

The Clean Up Costs Were A Kick in the Teeth Too

They had to shell out $20,000 to remove the ransomware malware, restore their network and get back up and running.

Notice I did NOT say “Optimize their systems to make sure this doesn't happen again.” That's right, the $20,000 was just to clean up the mess and get them back to “square one”.

Their systems were STILL vulnerable to exactly the same kind of attack in the future!

And Here's Why They are Kicking Themselves Now 

This disaster would have been prevented with our Four Pillars Security Risk Assessment.

More Case Studies

Medical Practice Spared from Data Erasing Disaster

We did a diagnostic on a similar healthcare company and found that they were at risk for a similar situation. We fixed it. Who knows what other problems were avoided.  

Successful Medical Practice Setting Up New Office Saved $334,000:

Client signed on in March 2012. Moved from Florida to NC. Scaled down employees when they moved. Didn’t need all the extra computers. Saved lots of money on technology and IT support.

Total cost $50,000, savings $334,000 + maintenance and lease. This would not have been possible without our Four Pillars Security Risk Assessment.

Our "Four Pillars Security Risk Assessment" Can Save Your Medical Practice Tens of Thousands of Dollars.  It Can Save You from Expensive HIPAA Fines, Downtime, Ransomware Malware, Reduced Productivity and the Personal Grief and Frustration That Often Follows When Medical Practice Owners Get Too Busy and Ignore IT Issues.

Click on the button below to get started today!

Yes, I'd like to jump on a call with you to see if I'm HIPAA compliant.