CitiusTech Security & Compliance Management Practice helps healthcare organizations safeguard their health care applications, architecture, deployments and PHI to meet the challenges of a changing technology environment. CitiusTech's security team of certified professionals bring strong expertise across security processes and best-in-class tools to benchmark security posture, identify vectors and assist in mitigation techniques.

 

Application and Mobile Security: Automated and manual security assessment based on Open Web Application Security Project (OWASP) Top 10 standards. It covers security of Web, Mobile & Thick client applications, and web services. Security Engineering: Perform Security Engineering assessment of a healthcare product involving threat assessment, risk assessment, Secure Code Review using automated tools, 3rd party component assessment, preparing a mitigation plan
   
Cloud Security Review: Understand the Cloud deployment and identify the applicable security and compliance requirements. The security review of Azure and AWS cloud subscriptions is 100% automated process through UI automation Compliance Reviews: Conformance testing for Regulatory & other compliances E.g. HIPAA, FDA, US DoD, and others. Security domains covered includes but not limited to Authentication Security, Identity Access Management, Access Control, Encryption, Audit Controls, etc.
   
Vulnerability Assessment and Penetration testing: Performing automated and manual assessments of systems to identify potential security threats and misconfigurations. Also Simulating a role of an external attacker to find vulnerabilities and to exploit them Hospital security framework: CitiusTech’s Hospital security framework helps healthcare providers in planning, implementation and monitoring a comprehensive security protection mechanism. It covers all 3 i.e. people, process and technological aspects.