Client Case Studies

Covid-19 Medical Supplier HIPAA Certification

UNITI Cyber Solutions helped a medical supplier achieve HIPAA compliance. This was necessary because the national supplier was not compliant this meant they were unable to sell to hospitals they were unable to sell to other Healthcare Providers they were unable to do business with those entities because they would like in the compliance that demonstrated they had proper security controls in place. 

UNITI Cyber Solutions conducted an initial semi-automated HIPAA compliance assessment. Based on that assessment we implemented a cybersecurity strategy, embedded a virtual CISO,  created policies procedures and standards, defined the overlap in a crosswalk between HIPAA HITECH, NIST and GDPR compliance. We also implemented HIPAA compliance remediation and monitoring between AWS and their local machines.

UNITI Cyber Solutions was able to get the medical supplier HIPAA compliant within 30 days. This resulted directly in the medical supplier gaining three new contracts to supply much needed related medical supplies to area healthcare providers impacted by Covid-19 worldwide. The medical provider was able to increase revenue projections from USD 250,000 to USD 1.3 mil.

Telecom Surprise Audit Support

A U.S. based telecommunications company was facing an audit as a third-party service provider to another this audit was part of their service level agreement with the organization they were subject to NIST CSF and GDPR framework audits. The telecommunications company was given a 10 day deadline to produce current and historical evidence of compliance dating back approximately 180 days. 

Lack of sufficient evidence of security and compliance, or remediation strategy would result in potential loss of at least USD 250K.

The client had not kept logs, records, or other compliance documentation for the duration of the contract. The client had not completed a full, or intermediate compliance assessment or update since the beginning of their third party service engagement. 

The lack of demonstrable evidence meant that the client was not only potentially not in compliance with NIST CSF and GDPR frameworks and regulations, but also in violation of the terms of contract with their own client. 

The telecommunications client wanted to demonstrate compliance, to avoid termination of contract and potential revenue and reputation loss

 UNITI Cyber Solutions was brought in on day 3. We conducted NIST and GDPR assessments. We developed a strategy to review existing log and other business documents to determine the telecommunications company current and previous state of compliance. 

Using the previous compliance level as a baseline, we compiled the evidence for submission, and determined a maturity score for the compliance and security posture. Along with the maturity score, we created a strategy to achieve a higher compliance and maturity score.

The telecom client added services to create a roadmap, and assist in raising their maturity level, and monitoring and maintaining their compliance with NIST and GDPR regulations. The client also added HIPAA compliance and a vCISO service to ensure ongoing compliance, security and strategy.

The telecom client was able to properly demonstrate compliance, keep their contract, and identify other business opportunities with newfound confidence in their ability to quickly and definitely demonstrate their compliance to multiple frameworks.