Security Basics mailing list archives

RE: Niche Security Market

From: "jm" <jm () mindless com>
Date: Mon, 22 Sep 2003 22:54:07 +0100

Some useful training links for anyone interested...

http://www.trainforhipaa.com/certification.html

In the UK we have 7799 requirements coming into force for the health
industry, has anyone got any references for a comparison?

Cheers

JM

-----Original Message-----
From: Brian Pomeroy [mailto:lunar () voicenet com] 
Sent: 22 September 2003 19:39
To: 'Nestor Cabrera'; security-basics () securityfocus com
Subject: RE: Niche Security Market

Nestor:

Since HIPAA is a federal law with serious consequences for
non-compliance,
there certainly is a market for experts and consultants.  However, given
that the first part of the law went into effect last April, most mid- to
large-sized healthcare institutions lined up HIPAA consultants long ago.
Most of the major IT consulting firms have HIPAA security expertise,
which
includes system analysis, penetration testing, training, etc.  There may
still be opportunities to work with small providers such as individual
physician practices, and maybe even some startups.  

If you're looking for a general resource on HIPAA, a good starting point
is
HIPAASource, at http://www.himss.org/hipaasource/hipaasource.asp, and
HIPAAdvisory, at http://www.hipaadvisory.com/.  Please note that as a
HIPAA
and healthcare security consultant, you'll be competing with many
well-established firms with years of experience in the field.

Good luck...

Brian Pomeroy
e-Transformation / e-Medicine Center
The Children's Hospital of Philadelphia
http://www.chop.edu/
pomeroy () email chop edu
Personal site: http://www.voicenet.com/~lunar/

=====================================


Hello all,

I'm considering opening a security consulting firm specializing in
helping 
secure medical companies and complying with government security
regulations 
(i.e. HIPAA). My questions are a) is there considerately enough of a
market 
to mandate such a specialization and b) does anyone have any experience 
servicing such a niche market and if so are there any best practices, 
information resources, etc. that can help me create a plan that is 
comprehensive enough for medical practitioners to understand the
benefits of

securing their systems. Ideally I plan to target small to medium sized 
institutions that don't staff full time IT personnel. Many thanks to
your 
replies.

_________________________________________________________________
Help protect your PC.  Get a FREE computer virus scan online from
McAfee. 
http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963


------------------------------------------------------------------------
---
------------------------------------------------------------------------
----





------------------------------------------------------------------------
---
------------------------------------------------------------------------
----




---------------------------------------------------------------------------
----------------------------------------------------------------------------

Current thread:

Niche Security Market Nestor Cabrera (Sep 22)
- Re: Niche Security Market James Fields (Sep 22)
- RE: Niche Security Market Brian Pomeroy (Sep 22)
  - RE: Niche Security Market jm (Sep 23)
    - Montreal CISSP training etc J Kallberg (Sep 23)
    - Re: Montreal CISSP training etc Karen Letain - IP3 (Sep 23)
- <Possible follow-ups>
- RE: Niche Security Market Brian Rosario (Sep 22)