• Skip to main content
  • Skip to secondary menu
  • Skip to primary sidebar
  • Skip to secondary sidebar
  • Skip to footer

  • Opinion
  • Health IT
    • Behavioral Health
    • Care Coordination
    • EMR/EHR
    • Interoperability
    • Patient Engagement
    • Population Health Management
    • Revenue Cycle Management
    • Social Determinants of Health
  • Digital Health
    • AI
    • Blockchain
    • Precision Medicine
    • Telehealth
    • Wearables
  • Startups
  • M&A
  • Value-based Care
    • Accountable Care (ACOs)
    • Medicare Advantage
  • Life Sciences
  • Research

KLAS: Security & Privacy Consulting Services 2022

by Syed Hamza Sohail 08/30/2022 Leave a Comment

  • LinkedIn
  • Twitter
  • Facebook
  • Email
  • Print

Can Healthcare Withstand Hacking?

What You Should Know:

– Cybersecurity attacks are on the rise, and healthcare organizations are especially at risk. Security vulnerabilities can lead to financial penalties imposed by OCR, damaged organization reputations, and the increased risk of patient safety and data being compromised.

– A new report by KLAS examines several such firms (and one cross-industry firm) to determine who effectively assists in reducing risk, engages closely with clients, and exceeds expectations.

Using Data-Driven Models to Improve Cybersecurity in 2022

KLAS data and reports are a compilation of research gathered from websites, healthcare industry reports, interviews with healthcare, payer, and employer organization executives and managers, and interviews with vendor and consultant organizations.

In its latest report, KLAS examines cybersecurity trends in 2022. The main findings and the relevant firms are mentioned as follows:

Clearwater: Validated across a wide range of organization sizes, with a background in risk management. It offers a software tool in addition to several services, of which risk assessments are the most commonly used by interviewed clients. Majority of interviewed clients are very satisfied, and many are large organizations. “Clearwater does a great job. We think of them as a partner. Clearwater has done a great job with executive involvement; the firm’s executives have been heavily engaged with us. Even with the transition of people, Clearwater has continued to work with us. They have been wonderful to work with. I don’t know how Clearwater keeps up with all of us. They have always executed everything we have asked for, even when we wanted more and they had to step away to evaluate things. But Clearwater has always come back with a great time frame and a great effort to make our requests happen.” —Manager

CynergisTek: In May 2022, the firm entered into agreement to be acquired by Clearwater. It offers a range of strategic and technical engagements, and almost all interviewed clients report using firm for risk assessments. Clients are mostly midsize organizations. “The executives made themselves available for us. I really was impressed with the people I interacted with. The firm was very knowledgeable, helpful, friendly, and good to work with. They executed very well. The report they gave us was clear enough to show us that we had a risk in a certain area. We needed to make certain changes. There was no ambiguity, so we knew what we needed to do. The firm spoke plain English. They weren’t talking over our heads, and I would recommend the firm for that alone.” —Director  

First Health Advisory: The firm offers managed services that are not yet measured by KLAS, of which the most common service used by respondents is IoMT device assessments, followed by security program assessments/development. Clients are mostly midsize organizations. “First Health Advisory Solutions did a tremendous job in helping us determine not only the vulnerabilities but the process to remediate those vulnerabilities, and they were always available for follow-up. Everything that was required for the engagement was met. We did have some instances where we had to reach out outside of the normally scheduled hours, but First Health Advisory Solutions was always quick to respond. They were able to lead and get us to focus on the medical side. They offered a different perspective and experience that we couldn’t just Google. First Health Advisory Solutions has a great understanding of the vulnerabilities and the threats from the IoMT. Being ahead of the game and having that level of expertise with some of the products has definitely helped us a lot.” —Manager

Fortified Health Security: Having been validated for a range of strategic and technical engagements, clients report highest number of penetration tests and social engineering/phishing projects of any other firm in data sample. In 2022, Fortified Health Security was the Best in KLAS winner for security and privacy managed services. “Fortified Health Security has been absolutely awesome to work with. We have round-table discussions with the firm and their other customer partners frequently. We aren’t stepping into a sales meeting; we are all peers in the same industry. We get to sit and talk about things that are wrong in IT, and Fortified Health Security coordinates things for us. Fortified Health Security executives are also involved in the discussions. Our experience with Fortified Health Security is unlike any other experience I have had with a firm.” —Analyst

Guidehouse: Guidehouse is a cross-industry firm with services that go beyond security consulting. The limited number of respondents all report high levels of execution. Some clients say staff is knowledgeable and capable of managing complex projects; a couple say firm can be inflexible. All interviewed clients are payers. “Guidehouse definitely knows their business. All parties involved in the engagement understand what needs to be done, and Guidehouse definitely works with us to try to get everyone what they need. They know what they need to do, and they are very good at it. I have worked with several different firms before, and Guidehouse’s expertise and knowledge make them one of the best firms I have worked with. Occasionally, I would reach out to them out of the blue and just ask for their guidance on something, and they were always very helpful.” —Director

Impact Advisors: Having been awarded the 2022 Best in KLAS winner for security and privacy consulting services, Impact Advisors is a firm most often known for wide range of healthcare consulting services. Clients report consistent satisfaction with security offerings. Firm is most often used by respondents for risk assessments, followed by virtual/interim CISO services and HIPAA privacy assessments. “The key about Impact Advisors is that they are one of the few organizations we have worked with that aren’t constantly trying to upsell services. Impact Advisors comes in and tends to focus on staying within the lane of understanding the culture of the organization and our financial risks. We trust that their executive-level engagements won’t always result in an ongoing laundry list of requests for additional hours like we have experienced with other firms. The level of expertise and confidence that Impact Advisors has makes it so that they don’t have to upsell themselves. Impact Advisors comes across as a partner. I don’t have to be on guard; they are a trusted partner.” —VP

Intraprise Health: Almost all client respondents are midsize organizations. Most commonly used by respondents for risk assessments, and clients report using the firm for fewer types of engagements than most other client bases.“Intraprise Health has in-depth healthcare knowledge that is typically in the hospital provider space. The vendor knows exactly what to check. They have several clients that do the same thing in the same space. The vendor’s visibility and exposure to third-party vendors are very helpful.” —Director

Meditology Services: This one is a long-standing firm in the industry that has been validated for all types of projects measured in this report, with all respondents using firm for risk assessments. Some misses in execution have caused inconsistent client experience. Clients vary widely in size, though most are large organizations.“The group was a professional unit, but they made us feel like family. That was awesome. One of the things I loved the most about Meditology Services was that one of their leaders commanded presence because of their expertise. That is not always easy to do. Across the board, they had a diverse group. Our account manager was just insanely awesome and smart and was a perfect professional. Meditology Services hires experts. In a world where it is hard to find experts in this space, Meditology Services hires them. We are always going to get someone that is good. They partner well. It is important for us to form a relationship, and all of Meditology Services’ consultants figured out a way to fit in well. That is important to me.” —CIO

Tw-Security: The report found that clients are highly likely to recommend this firm to others. Clients are mostly small organizations, and majority of respondents use firm for risk assessments. More than half also use firm for HIPAA privacy assessments and security program assessment/development. “tw-Security is outstanding in what they do. The service is very clear and detailed. tw-Security has become a part of our organization. Tom Walsh and his team do a very thorough job of assessing and also understanding our needs. Tom Walsh knows what to focus on, and that gives us knowledge and security in the practices that we are affiliating with. The tw-Security team explains things at a level that can be understood by office managers that typically don’t have their fingers in IS and IT. tw-Security makes sure that the transfer of information is secure. tw-Security is really good at sending out alerts to us that we can pass on to our practices. We pretty much got things down to a smooth transition of an action plan at the very end.” —Manager

  • LinkedIn
  • Twitter
  • Facebook
  • Email
  • Print

Tagged With: Best in KLAS, Cybersecurity, google, HIPAA, Impact Advisors, KLAS, Partners, patient safety, Payers, Phishing, risk

Tap Native

Get in-depth healthcare technology analysis and commentary delivered straight to your email weekly

Reader Interactions

Primary Sidebar

Subscribe to HIT Consultant

Latest insightful articles delivered straight to your inbox weekly.

Submit a Tip or Pitch

Featured Insights

2025 EMR Software Pricing Guide

2025 EMR Software Pricing Guide

Featured Interview

Paradigm Shift in Diabetes Care with Studio Clinics: Q&A with Reach7 Founder Chun Yong

Most-Read

Medtronic to Separate Diabetes Business into New Standalone Company

Medtronic to Separate Diabetes Business into New Standalone Company

White House, IBM Partner to Fight COVID-19 Using Supercomputers

HHS Sets Pricing Targets for Trump’s EO on Most-Favored-Nation Drug Pricing

23andMe to Mine Genetic Data for Drug Discovery

Regeneron to Acquire Key 23andMe Assets for $256M, Pledges Continuity of Consumer Genome Services

CureIS Healthcare Sues Epic: Alleges Anti-Competitive Practices & Trade Secret Theft

The Evolving Role of Physician Advisors: Bridging the Gap Between Clinicians and Administrators

The Evolving Physician Advisor: From UM to Value-Based Care & AI

UnitedHealth Group Names Stephen Hemsley CEO as Andrew Witty Steps Down

UnitedHealth CEO Andrew Witty Steps Down, Stephen Hemsley Returns as CEO

Omada Health Files for IPO

Omada Health Files for IPO

Blue Cross Blue Shield of Massachusetts Launches "CloseKnit" Virtual-First Primary Care Option

Blue Cross Blue Shield of Massachusetts Launches “CloseKnit” Virtual-First Primary Care Option

Osteoboost Launches First FDA-Cleared Prescription Wearable Nationwide to Combat Low Bone Density

Osteoboost Launches First FDA-Cleared Prescription Wearable Nationwide to Combat Low Bone Density

2019 MedTech Breakthrough Award Category Winners Announced

MedTech Breakthrough Announces 2025 MedTech Breakthrough Award Winners

Secondary Sidebar

Footer

Company

  • About Us
  • Advertise with Us
  • Reprints and Permissions
  • Submit An Op-Ed
  • Contact
  • Subscribe

Editorial Coverage

  • Opinion
  • Health IT
    • Care Coordination
    • EMR/EHR
    • Interoperability
    • Population Health Management
    • Revenue Cycle Management
  • Digital Health
    • Artificial Intelligence
    • Blockchain Tech
    • Precision Medicine
    • Telehealth
    • Wearables
  • Startups
  • Value-Based Care
    • Accountable Care
    • Medicare Advantage

Connect

Subscribe to HIT Consultant Media

Latest insightful articles delivered straight to your inbox weekly

Copyright © 2025. HIT Consultant Media. All Rights Reserved. Privacy Policy |