Project Overview
MilesHealth is proactive healthcare-as-a-service platform that aggregates customer health data from wearables, IoT, and traditional medical devices so that the MilesHealth healthcare provider network can provide data-driven services.
Since MilesHealth manages sensitive healthcare data across multiple third-party providers, device types, and partner APIs, they knew they needed to protect their valued customers and stand up a state-of-the-art cybersecurity and compliance program.
Our Solution & How We Partnered
- MilesHealth IT & Security team got started with our NIST 800-171 Controls Documentation course as a robust baseline control standard. They worked backwards from our provided policies, procedures, and technical guidance to tailor their environment.
- The MilesHealth team then fine-tuned the provided policies and procedures to their unique technical and business requirements
- The MilesHealth team and Sherpa consulting cross-mapped and certified their controls, policies, and procedures to meet HIPPA/Hi-Tech, and GDPR compliance
- The MilesHealth team utilized, and continues to utilize, the Sherpa Attestation engine to automate the production of their certified compliance documentation for investors and regulatory authorities
- Sherpa designed the complete MilesHealth Zero Trust Concept of Operations to go beyond compliance, and deliver elite cybersecurity for their customer data and manage their third-party software supply chain risk
- Sherpa delivered an on-going 12-month partnership for compliance management and cloud security services for the MilesHealth cloud native platform
