We know that in healthcare, the safety and care of the patient comes first. With everything that follows, from privacy regulations through to crisis management and compliance, we don’t lose sight of this basic fact. We understand that keeping patients and providers safe requires rigorous governance, rigorous security, and a rigorous approach to privacy. Through our converged security approach, we’re here to support healthcare providers in ensuring the safety, security, and privacy of their patients across a vastly complex ecosystem of requirements. As is the case with so much of our company’s experience, we know that lives are at stake, and chain reactions from small decisions can have significant and serious consequences. Uptime and business continuity, in these contexts, mean life and death.
In the modern health care environment, patients are no longer passive participants. They are demanding transparency, convenience, access, and personalized products and services. We know that healthcare providers are seeking more accessible and cost-effective means of leveraging both new and emerging technologies. The adoption of digital tools to deliver health care services (from big data analytics and robotic automation of procedures through virtual and cloud-based care) brings with it unprecedented cybersecurity and privacy risks. With this transformation in mind, ADGA works with healthcare clients to integrate and mature their in-house operations.
We bring a dedicated team of privacy and security professionals, expert in the many unique requirements faced by the healthcare sector. Beginning with deep knowledge of relevant legislation and compliance requirements – such as PIPEDA, PHIPA, PIPA and ARPPIPS – we work to ensure that we develop robust and proactive programs where every security concern is considered with privacy expertise, and every privacy concern is considered with security expertise.
Mission critical experience when lives are on the line
For more than 50 years, ADGA has built a reputation for empowering our partners to keep Canadians safe in mission critical and time critical situations. Though this began in defence contexts, from the skies to space and engagements overseas, we now apply that same expertise in critical public infrastructure and applications across the country and across all sectors. Our teams are trusted to operate under pressure, in environments where every decision made can have an impact on lives saved, and to proactively help our partners ensure that they too can operate at their most effective.
A trusted partner for Canadian health care for over 35 years
Recent engagements include:
- Privacy Impact Assessments (PIA) and Threat-Risk Assessments (TRA) services for Plexxus and its member hospitals;
- Application Security Testing, Vulnerability Assessments (VA) and Penetration Testing for critical web applications for Women’s College Hospital (Toronto);
- TRA and VA for a medical research facility in Quebec followed by the development and implementation of a an updated corporate security strategy and roadmaps;
- TRAs for Health Canada at various facilities across Canada; and
- Business process re-engineering and development of a common technology architecture strategy for Health Canada.
Ecosystem-wide Assurance and Advisory services
Security threats in healthcare don’t stop at the perimeter. In the healthcare landscape, the top threats, including ransomware, lost and stolen assets, basic human error, and web application vulnerabilities, need to be defended across all attack surfaces and throughout the organization.
We help healthcare clients build security considerations into decisions at governance, programmatic and operational levels. Comprehensive and proactive threat risk assessments allow not just a clear understanding of weaknesses and gaps, but actionable steps to address them.
Business continuity and disaster recovery plans ensure healthcare providers are prepared to provide sustained continuous service when faced with critical incidents where lives may be at stake. When the fallout from an unforeseen incident at a single point of failure can lead to real patient harm.
The migration of healthcare infrastructure, including patient data, to cloud-based services, opens a vast new array of security and privacy concerns for any provider. Our cloud migration planning provides detailed assurance that any migration to cloud infrastructure is in line with regulatory requirements, and does not introduce new unforeseen threats and risks to providers or patients.
Managed security services for healthcare
Hospitals are provided with an overwhelming choice of IT security products and services. Adopting new technologies, rightly, can take time. Women’s College Hospital identified a need for improved control and visibility in their existing network operations and security infrastructure, engaging us to build a Network Security Operations Center (NSOC) to offer proactive security monitoring and centralized management, keeping privacy and governance paramount.
ADGA’s NSOC allows WCH to improve operational efficiency and situational awareness, while delivering maximum Return on Investment.