Qwemtsín Health Society is a Kamloops, Canada-health facility providing innovative, high-quality medical and dental care services to three first nations communities in British Columbia. Since 1996, they have been offering a wide range of health programs, services and education.
- Integrate Secure remote user access
- Improved security posture
- Enhanced Security and Compliance
- Ongoing Security Awareness Training
With offices in Kamloops, Savona and many remote employees, Q’wemtsin was facing some challenges with the high cost and lack of technical flexibility. There was also a desire to increase security measures and reduce latency for their remote users.
When the Covid-19 pandemic hit, it became obvious that their security posture required improvement. It was high time to modernize their platform and applications to adjust to the new normal and most importantly be prepared to meet the demands on the health care sector.
In the healthcare space, they needed to keep everything secure to protect patient data. They were looking for help creating a baseline security review process that aligned with the need to be HIPPA and PIPIDA compliant.
Secure IT provided cybersecurity and testing services. First, they helped with the annual security review. This is a comprehensive review of everything related to the business, including policies and procedures. The team also performed an internal scan and audit of our systems, reporting on the maturity level of our infrastructure. Secure IT helped create a roadmap where we can track progress reports on security compliance.
Next, we provided recommendations for what they viewed as areas of weakness. They also provided a rating and an explanation of their rating scales. This showed us how we rank against norms and standards and where we should be.
The team also ran an external penetration test against our public-facing audits. They scanned and tested the security of those systems. Then, the SIT team provided reporting on any vulnerabilities they found through those tests and recommendations to remedy them. Finally, we run quarterly internal scans.
“Since our industry is so highly regulated, we wanted to be sure our security was performing as well as it possibly could. We are subject to customer audits, and Secure IT Systems helped us strengthen our policies and operating procedures to frame us in the best light with our clients. There is a lot of depth to their background in information security and physical security. They know how to provide full coverage and give good suggestions to eliminate gaps.”
What evidence can you share that demonstrates the impact of the engagement?
Based on my past experience, working with SIT was exceptional. They’re extremely knowledgeable. This can be a daunting task for an organization and they were very professional and patient.
The SIT team doesn’t waste time, they get right to it. Additionally, the results were very well laid out and did a great job of giving us a clear picture of what we needed to work on. They were also willing to accommodate some of our extra requests.
How did SIT perform from a project management standpoint?
They do a great job communicating with us. I ended up feeling like they were a part of our team.
What did you find most impressive about them?
They brought professionalism, experience, knowledge, and logic to this endeavor. From the get-go, you can tell they’re experts in the space. I felt comfortable working with them, they really know what they’re talking about.
Are there any areas they could improve?
No, everything went exceptionally well.
Do you have any advice for potential customers?
Explore the process upfront with them. Go into the engagement knowing you’re going to work with a well-organized, well-structured, and professional team. Listen to them and don’t fight the process.