Simplifying compliance and risk management

GoodHealth* is a leading provider in wellness healthcare, specializing in care for seniors. As a healthcare provider and insurer, GoodHealth faces a dizzying array of regulatory requirements such as HIPAA, HITECH, CMS, PCI DSS, Red Flag, and numerous state privacy laws.  Moreover, with IT becoming critical to the delivery of care, GoodHealth must take proper steps to ensure the availability of its systems.  Finally, compliance and risk must be managed in the context of a rapidly growing organization than has been built in part through acquisitions and the heterogeneity of systems and processes that entails.

GoodHealth engaged TruArx two accomplish two objectives.  First, GoodHealth needed support to build and operationally execute an effective IT governance, risk and compliance program.  TruArx consultants will spend a year with tapering involvement over time accomplishing this objective.  Second, GoodHealth needed a technology to help it manage its diversity of IT compliance requirements across a complex infrastructure. TruComply, TruArx’ IT GRC application, was selected after a competitive evaluation as the best fit for meeting GoodHealth’s requirements.

* Real Name withheld to maintain competitive advantage