Healthcare has become a top target for malicious actors bent on profiting from cyberattacks.

Ransomware events and other breaches have become commonplace for healthcare entities and organizations are often underprepared to deal with the magnitude of impact to the business from cyber events.

Cybersecurity incidents have wide-ranging impacts including patient safety, operational effectiveness, and regulatory compliance.

Meditology’s Incident Response Services help healthcare entities limit the duration and impact of adverse security and availability incidents and improve the organization’s resilience for inevitable security and IT events.

Incident Response


  • Facilitated incident response testing and tabletop exercises
  • Incident Response Plan (IRP), policy, and procedure development
  • Ransomware tabletop exercises and preparation
  • Business Continuity and Disaster Recovery (BC/DR) tabletop exercises


  • Leverages leading practices from premier healthcare entities
  • Engages stakeholders to understand and adopt formal business continuity and incident response practices
  • Identifies strengths and weaknesses of your incident response function
  • Understands the healthcare industry inside and out and provides relevant guidance
  • Includes our experienced team of former healthcare CISOs and healthcare cybersecurity experts
  • Is founded upon our experience helping healthcare entities respond to real-world cyberattacks
Quote Icon

The Incident Response Tabletop Exercise engagement process was great.

Communication, logistics, deliverable – everything was of the highest quality. We use hundreds of vendors, I made the case to bring in Meditology and the output of this was exceptional.

Senior Manager

Information Assurance, Award Winning Academic Medical Center

Quote Icon

Onsite Health Diagnostics has relied on Meditology Services for HIPAA security risk assessment and penetration testing since 2014.

Meditology’s information security services have provided OHD’s customers and business partners with confidence in the seriousness with which we take the our responsibility to protecting their highly sensitive data. We have been more than pleased with Meditology’s professionalism, diligence and responsiveness, and we look forward to working with them for years to come. Since our founding, OHD has been dedicated to exceptional client service, providing stress-free employee health screenings and workforce health data analytics. Our clients, who include Fortune 500 corporations, hospital systems, financial institutions, state & local governments and small businesses alike, rely on OHD’s commitment to privacy and security when it comes to their employee health data.

Kyle Alexander

CEO, Onsite Health Diagnostics

. . . . . . . . . . .

Quote Icon

We chose Meditology mainly for their demonstrated knowledge and understanding of HIPAA, ARRA/HITECH and established security standards.

They were unfailingly professional throughout the information gathering and data gathering processes, kept to their timeline and verified the results that they found. The reports produced were accurate and easy to understand, with appropriate benchmarking to other health care organizations and the security industry as a whole. Most importantly, they provided concrete and achievable suggestions to help mitigate the risks identified.

Barbara Anson

CISO, Baptist Memorial Health Care Corporation of Memphis, TN

Quote Icon

Meditology worked hand in hand with our existing teams to perform a thorough analysis.

Meditology leads security-related events in the area. After hearing their expertise we decided to utilize their services for one of our annual risk assessments. Meditology worked hand in hand with our existing teams to perform a thorough analysis. I was impressed with their reviews of even our remote locations to not only conduct interviews but to verify what was truly in practice. Meditology conducted regular meetings with the security team to ensure timelines were on schedule and that we had a mutual understanding of the findings and status. I’ve worked with many companies over the years on these assessments and Meditology is not a group that just checks the boxes. Meditology has an intelligent staff that is up to date on the current regulations.

They have deep conversations on what is needed and why. They help you achieve your goals by aligning where you are today with where you want to be in the future and setting a course.

I am glad we decided to work with Meditology and create a partnership that aligns with our interests.

Nicholas Thomas

Director of Technology Services, Harbin Clinic Information Technology Services

Quote Icon

Throughout the readiness process, Meditology Services provided templates and recommendations for changes needed to meet HITRUST requirements.

As a provider of data analytics to health plans, it is essential that our firm demonstrate the highest levels of data security for our clients. We set a goal to achieve certification on the HITRUST security framework and sought out Meditology Services as a third-party security assessor to assist us. Throughout the readiness process, Meditology Services provided templates and recommendations for changes needed to meet HITRUST requirements. Their guidance, knowledge and professionalism was essential to our successful HITRUST certification. We are thrilled with their team and resources and look to leverage them for our future HITRUST assessments as well.

Matt Siwickie

Chief Information Security Officer, NextHealth Technologies

Quote Icon

Meditology was nothing but professional from start to finish for the project with McLaren.

We outsource our IT services and they worked closely with us, and the vendor, to collect required documentation, they accepted input from both sides and explained their conclusions once findings were verified. The team's project time lines, status reports, and weekly follow up calls kept us all on track for a timely completion. Meditology addressed the significant risk areas in a straightforward manner without making respondents feel defensive, and they freely offered information about industry best practice. The team has definitely won the confidence of our Executive group and expect we will be asking Meditology for more work in the future.

Denise Dach

Corporate Director of Compliance, McLaren Health Care