Computer Crime, Cyberterrorism, and Law Enforcement
When: April 2, 2003
Where: San Diego, CA
PSI: Panelist

Download PSI Presentations from upcoming or past events.

Big news coming!!
Keep checking back to see what's new with PSI!

Press Release 03/11/03:
Practical Security Inc Releases
Paper Discussing Final HIPAA
Security Rule

Press Release 02/19/03:
PSI and SHP Form Alliance to Provide HIPAA Certification Support Services to the Healthcare Industry

Published Article: Information Security Magazine, February 2003:
"Talk the Talk, Walk the Walk: Five Tips to Win Friends and Influence C-Level Execs in Your Organization


Congratulations to our March book winner: Martin Fink of Federal Reserve Bank of NY

Signup here to register to win!

Press Release
December 18, 2002

Practical Security, Inc. Offers HIPAA Security
Support Services for Small and Medium Size
Health Care Organizations

New offering provides HIPAA self-certification services

In response to growing demand for security expertise in health care, Practical Security Inc. (PSI) today announced its offering of a full line of HIPAA support services for small and medium size health care organizations. The new services are designed to assist health care organizations with self-certification for published security criteria under the Health Insurance Portability and Accountability Act of 1996 (HIPAA).

HIPAA standards are intended to establish the requirements for security and privacy of individuals' medical information; the deadline for compliance under HIPAA is a firm date of April 14, 2003. The government strongly recommends "self-certification" because it has not established a standards body to certify covered entities in compliance with HIPAA security requirements. PSI's offering is intended to meet the needs of small-to-mid-sized healthcare companies, a segment of the market that is often overlooked by large IT consulting firms.

The following elements comprise the new offering:

  • HIPAA Security Audit.
    This security audit includes a HIPAA gap analysis and Business Impact Analysis (BIA) based on the security provisions of section 142.308 of HIPAA requiring administrative, physical, and technical control measures to protect confidentiality (security), integrity, and availability of protected health information (PHI).

  • HIPAA Self-Certification Checkup.
    PSI returns periodically to reassess security controls and processes. This meets the expectation of due diligence recommended in the published HIPAA guidance documents.

  • Third Party Review.
    Objectivity is crucial to the validity of the self-certification. The Department of Health and Human Services (HHS) has strongly recommended outside review of compliance in self-certification. Practical Security, Inc. acts as an external party with adequate training regarding generally accepted security guidelines and principles.

PSI recently completed a HIPAA security assessment for Strategic Healthcare Programs LLC (SHP), a Santa Barbara, Calif.-based service company that provides statistical analysis of healthcare data to help its clients develop planning measures.

Barbara Rosenblum, CEO of SHP, said "SHP is a technology company, but I felt it was critical for SHP to obtain third party review of our security practices and infrastructure. PSI gave us the confidence that we are on-track with regard to the security requirements mandated by HIPAA. I strongly recommend the services of PSI to managers of covered entities and business associate organizations."

Paul E. Proctor, president of Practical Security said "Smaller health care organizations have been left behind as the compliance deadlines approach. Recent surveys show that smaller organizations have done the least in preparing for HIPAA compliance. We hope these affordably-priced services will help close the readiness gap."
These services are available now. For more information visit

About Practical Security Inc.
Founded in 2002, Practical Security Inc. (PSI) is an information security services company dedicated to helping organizations of all sizes secure their mission critical information technology assets. Practical Security provides a practical and educational advantage to companies seeking ways to safeguard their information assets by helping employees at all levels be better prepared to detect, analyze and prevent IT security breaches. For more information on PSI, visit

About PSI Training
Incorporated in December 2002, PSI Training is a separate business unit spin-off of Practical Security Inc. that provides information security training classes for business professionals via a variety of electronic means. Classes on CD, audio/video presentations and instructor-led Webcasts will be distributed through strategic marketing partners and direct from PSI Training, downloadable via the Web at

Clearpoint Agency
Beth Walsh, 858/724-2500





Download a PDF version of our Corporate Fact Sheet.

Download a JPEG of founder, Paul E. Proctor.

If you don't have Acrobat, you can download it here: