Case Studies

Cloud Security Architecture at Big-4 Consulting Firm

At a big-4 accounting/consulting company, BNETAL provided thought leadership, security architecture, design, development and implementation of a large cloud-based platform. Our consulting involved review of application, services and platform level security, and advisory role in helping the development, implementation and infrastructure teams on all aspects of security. This helped our client ensure that the platform adhered to a set of security policies and could withstand the set of threats in the intended environment of operation for the kinds of data that our client hosted on this platform. Our approach was hands on, and we helped facilitate various discussions, and helped build consensus among stakeholders. Our contributions were highly appreciated by our client leadership (see endorsements here).

Advisory Services to a major Bank's regional CISO

At a major international bank with US presence, BNETAL was senior advisor to a US regional CISO on various security iniatives including mergers and acquisitions, cloud security, identity and access management, network security, SIEM, firewalls, vulnerability management, and a host of other matters. BNETAL excelled at simplifying complex technical challenges and building consensus among a diverse group of subject matter experts, to drive delivery of solutions that enabled business while strengthened security.

CISO Advisory Services to North Carolina Department of Health & Human Services

At North Carolina Department of Health & Human Services, BNETAL helped manage a large team of consultants and provided management consulting around the NIST 800-53 and HIPAA Privacy & Security based security assessments for NC DHHS's infrastructure and applications that addressed their COVID response. BNETAL also lead the cloud security strategy discussions across NC's DIT and DHHS, bringing together the stakeholders and developing consensus on a roadmap.

Healthcare Predictive Analytics Company

A Healthcare Predictive Analytics company successfully used BNETAL's EDI data processing engine SureEDI®. SureEDI® was used to simplify data mining and analysis of EDI data to detect and predict patterns, which enabled the EDI data owners to gain important insights for improving outcomes and revenues. SureEDI® performed robust parsing and translation of EDI files into formats that can be consumed by the healtcare predictive analytics company's analytics engine, enabling robust analysis and important insights into the data. The use of SureEDI® greatly simplified data processing and analytics, and drastically reduced the cost of mining the EDI data for valuable insights. SureEDI® enabled the healthcare predictive analytics company to avoid a lengthy, complex and expensive development project and gave them a cost effective approach.

Laboratory and Healthcare Revenue Cycle Management Company

At a Laboratory and Healthcare Revenue Cycle Management Company, BNETAL deployed its enterprise gateway SureDeliver® as a turnkey solution for Affordable Care Act (ACA) compliant connectivity and security (more specifically the CAQH CORE Connectivity and Security Operating Rules). The current Secure FTP channel is augmented with SureDeliver®, which provides a robust parallel channel for pickup of Electronic Remittance Advice (ERA, or X12 835) files by trading partners using the set of standards that are mandated by the Affordable Care Act (ACA) for HIPAA covered entities. Using SureDeliver gave this organization an efficient, cost effective and hassle free path towards compliance. Further, the fact that SureDeliver is kept updated to address future requirements for connectivity and security saves the trouble of ongoing EDI remediation. The rich feature set of SureDeliver including robust security, trading partner, message management, diagnostics and compliance reports are helping simplify the operation while supporting new trading partner relationships for this customer.

Council for Affordable Quality Healthcare

BNETAL has provided subject matter expertise to CAQH Committee on Operating Rules for Information Exchange (CORE) initiative in developing connectivity rules for facilitating interoperability between healthcare providers (doctors offices, hospitals etc.), vendors, and health insurance companies. Business Networks was chosen for its experience on national level healthcare and public-health data interchange initiatives like the National Health Information Network (NwHIN) and Public Health Information Network (PHIN), and its expertise in messaging and security standards. As part of this team, Business Networks plays a prominent role in facilitating the technical discussions around messaging, security, and the selection of standards.

Centers for Disease Control and Prevention

At the CDC, Business Networks International Inc. provided security consulting and architecture, design and development support for CDC's Public Health Information Network. In particular, Business Networks was responsible for the architecture and security of Public Health Information Network Messaging System (PHINMS), which is the primary mechanism for transporting data across the PHIN. The PHINMS is currently in widespread use at the CDC, at State Departments of Health and at several hospitals and labs. ManageSecure® was used at a CDC subcontractor site for managing and monitoring deployment security resources.

Virginia Department of Health

The Virginia State Department of Health has used ManageSecure® for several years. The department utilized ManageSecure® for identity and access management; specifically, the product features leveraged included integrated PKI management, single sign-on and role based access control features to provide a strong security perimeter around its public health applications, such as the NEDSS and PHINMS. Business Networks International Inc. worked closely with VDH in identifying the security gaps, in performing requirements analysis and in implementing the security perimeter around their mission critical web applications.

Nationwide Health Information Network Phase I (Prototype) Security Architecture

Business Networks International was part of a consortium of companies led by Computer Sciences Corporation (CSC) that was awarded a major project to develop a prototype architecture and implementation for the Nationwide Health Information Network (NwHIN). The consortium led by CSC included Business Networks International and other companies. This team worked with the following health market areas: Indiana Health Information Exchange (Indiana); MA-SHARE (Massachusetts); and Mendocino HRE (California). The Chief Architect on the CSC lead NwHIN Architecture team gave a glowing endorsement of our services.

Nationwide Health Information Network Phase II (Trial Implementation) Security Architecture

Business Networks International was part of team of consultants and vendors led by Computer Sciences Corporation (CSC) that developed a trial implementation to prove the NwHIN interoperability specifications at the New York e-Health Collaborative (NYeC). Business Networks International provided security architecture and security standards subject matter expertise consulting throughout the project. Working closely with HIE vendors, BNETAL played a key role throughout the life cycle of this project, including identifying security risks early during the lifecycle of the project, and building consensus among the HIE implementers towards security implementation decisions that were achievable within the project timeline and resource levels. Business Networks provided lead representation of the team at security discussions with other HIE vendors and at security and implementation workgroups.

Image 2

Key Clients