

ISO 27000 Solutions from ecfirst

Applying ISO 27000 to Address HIPAA, HITECH & State Regulation Mandates

Organizations are increasingly considering applying the family of ISO 27000 international security standards to comply with various U.S. federal and state regulations such as HIPAA, HITECH, as well as standards such as the PCI DSS. The ISO 27000 is a global standard that provides a comprehensive framework that organizations can adopt to address compliance requirements and establish a resilient information infrastructure.

ecfirst Brings Deep Experience & Expertise with ISO 27000
ecfirst's fast-paced, 1-day private training on ISO 27000, its policy templates, quick reference cards, and the deep consulting expertise embodied in its signature methodology, BizShield™, are enabling organizations to easily adopt the ISO standard. The ecfirst BizShield™ signature methodology is specifically focused on the ISO 27000 standard and includes the following core components:
  • A fast paced, instructor-led, 1-day Getting Started with the ISO 27000 (ISO 27001 and ISO 27002) training delivered at your site.
  • A 2-day in-depth certification program, Certified Security Compliance Specialist™ (CSCS™) that addresses ISO 27000, PCI DSS, HIPAA, HITECH, FISMA and a lot more
  • ISO 27002 Security Policy Templates that can easily be tailored to enable your organization to establish a comprehensive library of policies
  • The industry's first ISO 27002/HIPAA Security Rule Mapping Framework document
  • Managed Compliance Services Program (MCSP) for ISO 27000 that enables your organization to leverage deep ecfirst ISO expertise and yet pay a fixed monthly fee for a 36-month period and access a range of services at a fixed price
  • ISO 27000 Webcast - Applying the ISO 27000 Standard to Address HIPAA, HITECH and State Regulations
Our Commitment to You
Manage the implementation of ISO 27000 in your environment, leveraging existing information security processes, practices and capabilities as far as possible
  1. Document all information requested and establish time-line for critical next steps
  2. Respond with required information and communicate with all involved parties on activities and status
  3. Establish framework for complete knowledge transfer to enable your organization to improve processes and capabilities
ISO 27000 Client Consulting Testimonial
"When GHX began discussing our march toward HIPAA compliance, there was a general consensus about where we had to be - in three years, but there was also a notable lack of agreement on how we might get there. After thoughtful consideration (and amazing good fortune) we chose to seek the services of ecfirst as our "implementation partners" to assist our efforts with HIPAA using ISO 27000 as the framework."

"I'm happy to say, it was the best choice we could have made. Their ISO 27000 experience, comprehensive approach, and practical guidance have put us solidly on the road to achieving our goal, within our window. For GHX, achieving compliance is a huge effort, and having a dependable ally was critical to our success."
Patt Anderson, Compliance Manager
GHX

Our ISO 27000 Training Solutions
ecfirst has several options for ISO 27000 training - from a tailored 60-minute webcast to a 2-day CSCS certification program. Schedule our 1-day Getting Started with ISO 27000 to learn more about the ISO 27001 and ISO 27002 information security standards and understand how these may be applied to address compliance requirements.
  1. Examine the ISO 27000 information security framework and its core components
  2. Review the ISO 27001 security standard and understand key terminology, definitions and the overall organization
  3. Step through the clauses defined in the comprehensive ISO 27002 standard
  4. Understand how compliance requirements of State regulations such as those from Massachusetts and California, as well as federal requirements such as HIPAA and HITECH can be addressed with the ISO 27000 framework
  5. Identify critical steps for organizations to get started with the ISO 27000
ecfirst ISO 27000 Training Testimonials
"The ISO 27000 Webinar in addressing HITECH, HIPAA & State Regulations was first rate. Looking forward to continuing our involvement with ecfirst in regard to consulting, training and certification. Please send my best to Ali Pabrai, he is a great speaker!"
- Juan M. Chavez, MHA, Risk Management Analyst
Catholic Healthcare West

"I really liked the detailed overview of ISO 27001/27002, and the heads up on the upcoming ISO 2700X standards. I liked the note about a written comprehensive InfoSec program being needed."
- Jim Brady, Manager, Data Center Services
Cedars-Sinai Medical Center

"I attended the ISO 27001/2 webcast. It was excellent."
- Sishir Reddy, CEO
Episource L.L.C

"The ISO 27000 brief was very helpful as my organization works to implement ISO 27000 for our security framework. I have been CHP and CHSS certified by ecfirst for several years and value ecfirst's expertise. I am interested in the CSCS certification and will be looking into ecfirst's training program for this certificate."
- Judi Hofman, CAP, CHP, CHSS
Privacy/Information Security Officer
Cascade Healthcare Community

"I found the program to give me a wonderful framework with the ISO 27000 to enhance our security program under HIPAA and HITECH. The tools will be very helpful in the continued effort to move our program forward."
- Lori A Beeby, Information Systems Director
Community Hospital - McCook

Contact Us
Please contact John Schelewitz at John.Schelewitz@ecfirst.com or at +1.480.663.3225 to learn more about the ecfirst BizShield™ ISO 27000 solutions to address critical compliance mandates. We would like to understand the regulations that impact your organization as well as your security challenges to determine how the ISO 27000 global information security standard can be applied to your organization.

Talk to us - you will find us to be a partner you can trust.

About ecfirst
ecfirst delivers world-class information security and regulatory compliance solutions. With 1,400+ clients, ecfirst was recognized as an Inc. 500 business - America's Top 500 Fastest Growing Privately Held Business in 2004 - our first year of eligibility. ecfirst assists organizations with their compliance initiatives for a secure information infrastructure that is compliant with regulations such as HITECH, HIPAA, ISO 27000, or federal and state legislation (such as California or Massachusetts).

ecfirst serves a Who's Who client list that includes technology firms, numerous hospitals, state and county governments, and hundreds of businesses across the United States and abroad. A partial list of clients includes Microsoft, Symantec, HP, McKesson, EMC, IBM, Principal Financial, U.S. Army, U.S. Dept. of Homeland Security, U.S. Dept. of Veterans Affairs and many others. ecfirst is exclusively endorsed by the American Hospital Association (AHA) for its HIPAA compliance training solutions.

Talk to ecfirst and you will find an organization that is passionate about the services we deliver and exceptionally devoted to its clients.

We deliver value with intensity and are paranoid about our performance for your organization.

For more information, please visit http://www.ecfirst.com/.