Local Government Medical Agency | Case History

WCG tested and implemented security controls as documented in the HIPAA compliance standards to determine the extent to which the controls were being implemented correctly, operating as intended, and producing the desired outcome.

WCG Strategies

In short, we worked to ensure the system security requirements were achieved. To do this, WCG employed a variety of information gathering and assessment methods (e.g., interviewing, inspecting, studying, vulnerability assessment and penetration testing).

In conducting vulnerability assessment tests, WCG was careful not to affect system availability or alter configuration or data on the tested devices. Penetration tests were conducted through the public Internet. WCG provided the agency with the IP addresses from which the tests were to be conducted and gave sufficient advance notice. All tests were performed in compliance with departmental, federal and international guidelines and coordinated with the agency.

The tests and services WCG performed included:
  • Network analysis
  • Risk assessment and penetration testing
  • Development and review of HIPAA security policies and procedures
  • Development of continuity of operations/business continuity planning, risk management, contingency and disaster recovery plans and procedures
  • Development of security incident response planning and procedures
  • Training personnel on security policies and procedures
  • Development of security configuration management planning and procedures
  • Development of facility security planning and procedures

Based upon prescribed government guidance and industry best practices, WCG recommended alternative approaches to remedy identified deficiencies. Alternatives were presented with respect to projected suitability to the objective, effectiveness, efficiency, initial cost, long-term maintenance and support requirements.

Why WCG?

Our FedRAMP process and use of internal application provide a faster and simplified approach to evaluate controls and identify deficiencies. Depending on your application or service’s complexity, categorization of risk level, and maturity of infrastructure, we can effectively and efficiently get you ready for the authorization up to 60 days, which saves 80% faster time to market.

Our pricing is competitive and straightforward with no hidden agenda, miscellaneous charges, or add-on fees, which provides you with at least 40% cost savings compared to others’ pricing and approach.

Our dedicated team is incredibly talented, knowledgeable, and experienced in conducting FedRAMP assessments and providing consulting in accordance with NIST 800-53 Revision 5. We have unique experiences in working with both the federal government agencies (such as the Department of Homeland Security, Department of Defense, and General Services Administration) and corporate cloud services providers who serve the federal government. These experiences allow us to have the know-how to ensure businesses are successful with their assessments.

Knowledgeable and Experienced Team

Our team has unparalleled experience aiding governments and businesses around the world in defending themselves against cybercrime, reducing risks, complying with regulations, and transforming their IT, security operations & infrastructure.

Practical Guidance

WCG has hands-on IT experts who have extensive knowledge and experience helping businesses.

Reasonable Pricing

We provide simple, straightforward pricing with no hidden agenda, miscellaneous charges, or add-on fees.

Personalized Customer Service

Our personable, dedicated staff to answer any questions you have at any time throughout the process.

Proven Track Records

WCG has an exceptional reputation and track record for numerous services.

Adopting to Your Needs

We develop and customize an approach that suits your immediate requirements and future goals. To achieve this, WCG will provide pragmatic insights and balanced views on how to prioritize any associated actions.

Role and Impact of Women in Technology

Even with the underrepresentation of women in the technology industry, many women have taken ...

COVID-19 Facts: How Business Leaders Should Take Action

At the current time, much is unknown about the COVID-19 pandemic that has swept the globe. However ...

Surviving Security Risks Existent in Third-Party Software

Third-Party Software is comprised of software libraries, modules and other components ...

Services you may be interested in

Subscription Center

Stay in the Know with Our Newsletter