Virtual CISO for Medical Software
Please find under a summary covering project details and feedback. The innate facts are kept as they are, private information is amended.
Introductory information
Introduce your business and what you do there.
Our application supports clinical trials. I’m our vice chairman of technology.
Desired goal
What challenge were you trying to address with FRSecure?
Our activity is heavily regulated, and we need to keep our data security HIPAA compliant. We needed help assessing the level of our information security, and reached out to FRSecure for their recommendations and betterments.
Provided solution
What was the aim of their involvement?
Initially, we signed up for their possible CISO (Chief Information Security Officer) program. They reviewed our policies and measure operating procedures to find any gaps, and they examined the natural security measures within our service. From all the information they gathered, they built a report that outlined our strengths and weaknesses, and a playbook that that suggested betterments for our weakest areas.
What is the team compound?
There is a project director, but most of our interaction is with the Virtual CISO they prepare. We meet with her once a month to review any new information or incidents that arise.
How did you come to work with FRSecure?
They’re a local organisation that could prepare the level of engagement we were looking for. They came to our service and gave a good introduction of what they could do for us, and we felt that they would be the best fit for our needs.
How much have you invested with them?
We bestow almost $3,900 per month.
What is the status of this engagement?
The collaboration began in May 2018 and is ongoing.
Results achieved
What evidence can you share that demonstrates the contact of the engagement?
Since our activity is so wonderfully regulated, we wanted to be sure our security was accomplishing as well as it perhaps could. We are subject to client audits, and FRSecure helped us confirm our policies and operating procedures to frame us in the best light with our clients.
How did FRSecure accomplish from a project treatment standpoint?
They handle the project well. Because of the possible front, a lot of our interaction is over the phone. They pursue up with summaries of all of our meetings, with advantageous ideas for next steps.
What did you find most forcible almost them?
There is a lot of depth to their background in information security and natural security. They know how to prepare full coverage and give good suggestions to cast gaps.
Are there any areas they could better?
I can’t ponder of any areas of betterment for them at this time. We have a good relationship.
Do you have any advice for possible clients?
Be honorable almost the running status of your information security programs, don’t try to hide anything. They will be able to help you best if you are open with them.