I have successfully completed 25 plus HITRUST certifications and HIPAA Compliance for small to major healthcare organizations including hospitals and several Risk and Cybersecurity assessments. I have also worked with large security organizations to help their clients certify for HITRUST certification.I have performed the following tasks:• Pre-assessment and Preparedness for HITRUST for validated certification.• i1, e1 and r2 validation certification.• HIPAA Security and Privacy Risk and Vulnerability Assessment by scanning the entire network and in-scope systems.• Review GAP analysis and prepare Corrective Action Plans to remediate issues.• Creation and revision of Policies and Procedures and implementation for HIPAA compliance and HITRUST certification.• Prepare and consult for measuring and managing security controls.• Advising and consulting on evidence collection with different departments.

Consultant for ecfirst:1. Pre-assessment for HIPAA and HITRUST.2. Preparedness for HIPAA Compliance and HITRUST certification validation.3. Risk and Vulnerability assessment.4. Process, Review GAP analysis.5. Prepare Policies and Procedures for HIPAA compliance and HITRUST certification.6. Prepare and consult for implementation.7. Review measure and manage for security controls.

Developed, maintained, and managed IT infrastructure, support, and procurement for IT-related assets.Successfully developed HIPAA compliance and Risk management program.Prepare for HITRUST certification.Developed security and privacy policies and procedures.Implemented procedures and setup automated tools to measure and manageGenerated significant cost savings by streamlining processes and introducing a cost-saving training program.Introduced and developed a mobile application that increased the efficiency of a department with 200 users and reduced the cost of doing business by 70%.Optimized operations by promoting and enforcing best practices to minimize business disruption/downtime.Manage and maintain healthcare insurance client security audits.Minimized and remediated risks by providing technical oversight to Risk Assessment, Vulnerability Assessment, and Penetration Test.Re-created a new Disaster Recovery and Business Continuity Plan with a clear agenda and plan of action.Audited third-party vendors for data security and HIPAA compliance regulations.