press release

Contact: John Schelewitz
Phone: +1.480.663.3225

Conducting Vulnerability Assessments for HIPAA Compliance
IRVINE, CALIFORNIA, USA – June 5, 2013: A key requirement of compliance regulations, such as HIPAA, HITECH, or PCI DSS, is that organizations must conduct a comprehensive and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability (CIA) of all sensitive information such as Personally Identifiable Information (PII) or Protected Health Information (PHI). These compliance mandates require that organizations complete a comprehensive and thorough vulnerability assessment on a regular schedule.

When was the last time your organization conducted a risk analysis activity that included a technical vulnerability assessment?

The ecfirst bizSHIELD™ risk analysis program includes a technical vulnerability assessment to address HIPAA and HITECH mandates with the objective of establishing and prioritizing compliance and security gaps. The ecfirst bizSHIELD™ Technical Vulnerability Assessment Service supports several distinct components, including:
  • External Assessment
  • Internal Assessment
  • Firewall Assessment
  • Wireless Assessment
  • Social Engineering
ecfirst developed the bizSHIELD™ program to assist organizations in meeting the requirements of compliance regulations. As a part of the bizSHIELD™ program, ecfirst lists every requirement of the regulation in a risk analysis format that identifies an organization’s state of compliance with the requirement, recommended remediation activity, and associated risk priority. All remediation activities are listed according to recommended implementation time bands in the bizSHIELD™ Corrective Action Plan (CAP) table.

The bizSHIELD™ report is an actionable, documented risk analysis that provides both in-depth and executive summary level findings appropriate to all audiences from administrators to the Board of Directors.

Complimentary External Vulnerability Assessment. Schedule Now!
For a very limited time, ecfirst offers a complimentary vulnerability assessment specific and tailored to the risks from the outside to your systems & applications. Call John Schelewitz at +1.480.663.3225 to discuss details or email John @
On-Demand Consulting (ODC)
ecfirst can provide Project Managers and information security as well as compliance resources for your initiatives - to advise, guide and implement your plans and activities. Complement your team with ecfirst project management and security staffing resources to meet your short term and long term requirements. The ecfirst On-Demand Program starts with a commitment of consulting time @ 40 hours or more with no short term or long term commitments - and flat rate pricing. On-Demand Consulting (ODC) Jumpstarts Your Compliance Activities!
Managed Compliance Services Program (MCSP)
ecfirst is the first organization in the industry to introduce an optional Managed Compliance Services Program (MCSP) that addresses HIPAA Privacy, HIPAA Security and HITECH Act mandates over a 36-month period based on a fixed monthly fee for a specified combination of services. Managed Compliance Maintains Your Compliance Program!
CHP & CSCS™ = 2 Highly Valued Credentials
The CHP and CSCS™ certification programs are now scheduled in several cities across the USA. Or, bring the CHP or CSCS™ Program to your site.
Classes scheduled in multiple cities across the USA
Learn about key aspects of the HIPAA regulation including Transactions and Code Sets, Identifiers, Privacy and Security. Step through new requirements related to the HITECH Act. This is an exceptional program delivered by Lorna Waggoner, a HIPAA expert. To register, visit www.HIPAAAcademy.Net.
Classes scheduled in multiple cities across the USA
To attend the only certification program in the industry that addresses PCI DSS, ISO 27001/27002, HIPAA, NIST, FISMA, and other information security regulations, please register at, and click on the CSCS™ Program. The CSCS™ Program is presented by compliance and cyber security experts. CSCS™ is the world's first program focused on regulatory compliance and cyber security. To register, visit
About ecfirst – Gold Standard for Compliance & Security
ecfirst, home of the HIPAA Academy, delivers deep expertise to healthcare covered entities, business associates and health IT vendors with its full suite of services that include:
  • Risk Analysis and Technical Vulnerability Assessment
  • On-Demand Compliance & Security Remediation Services
  • Contingency Planning/Business Impact Analysis (BIA)
  • Policy Templates (available for HIPAA Privacy, HIPAA Security, ISO 27000, PCI DSS)
  • Managed Compliance Services Program (MCSP) for continual HIPAA and HITECH compliance
With over 2,000 clients since 1999 and recognized as an Inc. 500 firm (America’s fastest growing Top 500 privately held business in its 1st year of eligibility), ecfirst has enabled hundreds of organizations all across the United States and abroad to achieve and maintain compliance with regulations and standards that impact their business. ecfirst is Minority Business Enterprise Certified and accredited by the Better Business Bureau (BBB).

For a customized proposal on HIPAA or HITECH compliance mandates, please contact John Schelewitz at or at +1.480.663.3225