Technical, sound knowledge makes it easy. They are Professional, Trusted, Knowledgeable, Helpful, Communicative, and Personable, and give frequent, on-time status.

Very high marks on the deliverables and the process was smoothly run and predictable. The VP and CIO out-brief delivered was at the right level and they were comfortable with the detail.

They are highly technical auditors who also understand strategy. The team even brought on their cloud experts at the right time during our SRA, which takes a level of humility to do, to know when you know and when you hit your limit and need an expert. They minimized the scrap and rework I have seen on other SRA projects with other firms.

We wouldn’t do that if we weren’t very satisfied.

The Meditology Team helped clarify questions for our M&A team during this due diligence penetration assessment.

The Team is excellent. Project management has been key for this HITRUST engagement. They follow through and our status meetings help, and the reporting for NY State is critical as well.

We have to do them, and as fast as they are coming to us, we have to have (Meditology's)  support to achieve that.

The team was very communicative and personable. And they were able to work with our joint venture partner too with the overlap of responsibilities; they knew what to ask them and it would have been difficult for us to manage that and be in between.

We’ve gotten more done in the last couple of months with Meditology vCISO services than when I had an internal resource. It’s very valuable.

We wouldn’t do that if we weren’t very satisfied.

On our Ethical Hacking engagement, everyone was extremely professional and I was very comfortable with the communication and appreciated the knowledge they had. I really enjoyed working with them and would want to work with them again.

in InfoSec Risk Assessments and Ethical Hacking engagements because of the depth of experience they bring and the value they add. The Meditology Team always jumps in as partners with us.

Meditology is competent and knowledgeable about who we are and how we are trying to achieve our HITRUST Certification goals, and that’s a big part of success.

We got a well-executed pen test and the ability to take crisp action items that gives us a head start versus list of findings we have to interpret.

They took what we had, it was a lift, but they organized it first-off according to what standard P&P should be, the format, and what best practices are, and into a roadmap that follows industry best practices. I wasn’t telling them what it should be – they had it. As we have been going through and asking questions and for opinion, it’s been provided and immediately imparted based on their experience, calling it like it is with experience and knowledge.

Extremely adaptable. Tracking sheet deliverable was very helpful. Classic example of vendor coming in and working with a company by modifying to meet our criteria. Testing was done really well. Very impressed, every ask we had Meditology Team found a way to get it done.

We’ve been trying to get a foothold, traction, and focus on our BioMed security program and this was the way to kick-start it, to do it. The Assessment has a lot of good information in it and is outlined in a way that makes it understandable to Executive Team and to senior leadership. We are using the Final Report to form an action plan to address high-risk findings and to move our program forward.

A lot of the companies Meditology works with are larger than us but our Meditology team was very accommodating and made the process work for us versus being Draconian. And they took the time to learn our business and improve our security posture. We are continuing to work with Meditology on HITRUST next and that’s why.

The way the Meditology PCI Certification Consulting Services was so beneficial to me is that our qualified assessor is actually not as qualified on technologies and components, and it can take a lot of time out of my schedule. As the CISO, I don’t have time to explain that to someone; it would be a significant impact on our business. I rate Meditology PCI Certification Consulting Services a 5 out of 5 on Value because not only is the process and the structure smooth but they helped with education of that assessor which had an indirect impact on revenue.

What Meditology brought to the table during our Ethical Hacking engagement was of exceptional value to our organization.

in InfoSec Risk Assessments and Ethical Hacking engagements because of the depth of experience they bring and the value they add. The Meditology Team always jumps in as partners with us.

We scheduled a call prior to the Pen Test, then pretty much let them go and tell us what they could find. We had everything scheduled in advance and coordinated, stuck to timelines. Good follow-up and discussions around the findings. And we took some actions and additional steps based on the findings to remediate these issues.

Meditology has a great team who are very friendly and overall my experience with the Cloud Security Controls Review project is great.

Value of the Meditology Hacking engagement is providing us with opportunities to decrease attacks and take findings and remediation items to make everything safer.

Meditology brings insight into risk management processes that are very valuable. In addition to delivering a product, they facilitate collaboration and bring out the best in our team. Risk assessment content process and tool as well as great value in the risk engine. We like the people, the company, the flexibility, and we are very pleased.

The Team is very knowledgeable. Very professional team touching questions that are not easy and require knowledge like cloud-based environments and regulatory matters. They have much more knowledge than I and are very helpful. Questions are answered and we are not asked to just provide whatever for them to score. Communication is great; clear and constant reminders about the project schedule and deadlines.

Went into it expecting not to find a lot but at the same time expecting to find things I knew would come up, and they did, which is a good sign. We didn’t go down this road to just get a piece of paper – our customers want a 3rd party validation – we are very satisfied with the results.

Evidence of a positive contribution to our business is the fact that we use Meditology for all kinds of projects now. It’s proof that the relationship is working so well. And everyone is a great bunch of people to work with.

we got our cert, they moved staff and timelines around, and they were very flexible in seeing us to the end. We were very happy with the deliverables. And A+ for getting us to the HITRUST Certification. We are satisfied, our Board and Execs are happy.

From the first sales call onward, there was never a time where I thought anyone on the Meditology Team was less than excellent. Everyone knew what they were talking about and it made me feel good that they knew what they were talking about. No doubt they know the IT security space.

They guided us in what type of evidence to provide HITRUST, helped us organize all of that, and gave input to how we need to alter some of our P&Ps.

Everything went very well, very smoothly.

I thought it was very well organized and throughout the entire time the communication was really excellent. Everyone does a great job being detail-oriented and communicating very clearly. It has been a great experience.

Where we sit now, the wins we’ve had and ability to demonstrate value has been absolute homeruns, 5 out of 5 rating. We would not be where we are today without this relationship. Meditology brings the brainpower to solve problems and provides us with a system and gives us a great starting point versus us creating from scratch.

It was a strong effort, and will impact what we do going forward.

a great product that comes out of it, and it’s educational and informative and gives me what I need to build on.

Definitely helped us to interpret a lot of the confusing HITRUST items. Plus, the Team was flexible on sliding timescales.

I feel so much connection with the Team and plan to bring Meditology back for future assessments. Very pleased with what they have offered and how they managed the SRA and Cloud projects.

Things were found but also the engagement reinforced the need to take action on some items, and brought to light issues to our upper leadership team that we need to get some things in place; it expedited it.

When we’ve had questions, the Meditology team has been very helpful in clarifying things and flexible in how we provide information.

Compared, the Meditology Team did a great job. They are very professional and approached project in a very structured way and asked the right questions – it was impressive.

This year I wanted to move away from other vendors and give Meditology a chance – it really clicked with Meditology and the methodology they follow to complete the Cloud Security Controls Review project. The methodology is more in-depth and that’s a value I want our vendor to bring to the table. The Meditology name is well-accepted in the industry.

Great communication, great engagement, and Team was easy to work with.

They know their stuff, they come well-prepared and are knowledgeable and know what to ask and where to look.

They are people my team can talk to and get good answers and a trusting relationship with our assessor. Meditology saved us.

The Medical Device Information Security Consulting Services gave us an assessment of our current state, brought us to an actionable roadmap, and then the full-on implantation plans – Meditology gave us exactly what we need to do to mature in this space. It’s very valuable.

The Meditology Team is focused on healthcare which we are as well, they do a thorough job, and they came recommended to us by a major children’s hospital who are also very happy with them. This is the second year we’ve done Ethical Hacking with Meditology.

We are a different beast as a university. Most vendors put us in cookie cutter mold, but you took time to understand how we were different and couched the assessment. That was valuable – making the product fit our work environment.

We get a bit of a different team each year but it’s always consistent, which is what I need as a practitioner.

It’s helpful to have a conversation with someone who has worked in the field and understands the challenges we have. We have open lines of communication in our weekly HIPAA Privacy Risk Assessment meetings. They are very personable, very easy to work with, and they have teams of people who have done this before; Meditology has dedication to having a team of SMEs who understand.

I had a level of expectation when I brought the Team in. And I have not been disappointed. They are professional, very knowledgeable – and it’s very clear they know exactly what they are doing, what needs to be done, and have the content behind them to provide this service. You don’t have to worry about communication – they communicate and over-communicate.

Meditology delivered on our ability to have a Roadmap going forward. For 10-15 years I have been involved in different clients and companies, and I like the Meditology SRA deliverable for the way the data was laid out and the graphics – was innovative.

We got an accurate and comprehensive assessment of our security risks and will use the deliverables as a “Roadmap.” The Team really knocked it out, all the interviews, evidence, got it all submitted – and the SRA Report is an accurate reflection of where we are.

Very valuable to our organization. Team members are very valuable. We had conversations around GRC and HIPAA and some of the recent court rulings. And this didn’t have to be provided as part of the Security Risk Assessment.

For what this effort was supposed to be, I thought it was good to have an outside perspective. Some internal teams may make assumptions and it is good to have an objective point of view. We learned a lot of useful insights from this whole effort and it was worthwhile. It gave us the perspective of changing our methods of assessing the practices which is valuable.

Compared to in-house where it would take 4 months and 100% of my time, it’s completely worth it – and I know how much work it is. It’s nice to have my concerns validated too.

We couldn’t have done our HITRUST Certification without the Meditology help and feedback, the Meditology Workbook, and looking at what we had in place and how to get there – and with as few CAPs as possible.

But with Meditology advice, I know it will work. I can forget about it and it will work. It’s very important, reliable advice – a great value.

Overall without Meditology would be very hard to get HITRUST Certified or would take a lot longer. We learned a lot and it’s been helpful to have Meditology as partner through this journey.

Communication, logistics, deliverable – everything was of the highest quality. We use hundreds of vendors, I made the case to bring in Meditology and the output of this was exceptional.

The Team is very knowledgeable. Very professional team touching questions that are not easy and require knowledge like cloud-based environments and regulatory matters. They have much more knowledge than I and are very helpful. Questions are answered and we are not asked to just provide whatever for them to score. Communication is great; clear and constant reminders about the project schedule and deadlines.

We’ve been trying to get a foothold, traction, and focus on our BioMed security program and this was the way to kick-start it, to do it. The Assessment has a lot of good information in it and is outlined in a way that makes it understandable to Executive Team and to senior leadership. We are using the Final Report to form an action plan to address high-risk findings and to move our program forward.

Laid the foundation, know where our gaps are, have a non-bias deliverable to give to Execs to get money and funding to fully build program like this. I rate it a 5/5 and for the record, I am not an easy grader.

Very satisfied with the process and deliverables for the PCI assessment and ethical hacking engagement.

I feel so much connection with the Team and plan to bring Meditology back for future assessments. Very pleased with what they have offered and how they managed the risk assessment and cloud projects.