"When you need to know, choose Barraclough" (TM)

Ransomware Audit

Steps in the Ransomware Audit & Your Deliverables

1 – Define Scope

How many facilities to be reviewed? Will external vendors be evaluated? Can work be constrained to hospital facilities? Select options and cost.

2 – Agree on Terms

Select audit options and cost. Define team. Agree on interviewees. Set up coordination points-of-contact.

3 – Information Security

Sign non-disclosure, HIPAA, and security agreements. Agree on destruction of records after audit completed.

Barraclough NY LLC

New York, NY 10022

Tel: (212) 758-1296


4 – Onsite Data Collection

Onsite interviews in three domains: (1) IT security group; (2) Legal Affairs; (3) Suppliers (opt).

5 – Scorecard & Draft Report

Present Balanced Scorecard and Draft Report for Discussion. Review findings. Internal review for 10 days.

6 – Final Report and Playbook

Revise and complete final report. Complete Playbook and Present Plan for Simulation.  Certificate of Destruction of all Documents.

Awareness Briefing

Balanced Scorecard

Summary Report

Playbook & Drill Schedule

Your Certificate

Certificate of Document Destruction







Briefing before your group on Ransomware threaat and overview of Assessment. Includes case studies.

Shows your "report card" score for each variable in your security and emergency operations plans.

(1) Background: (2) Threat Analysis; (3) Personalized Scorecard; (4) Analysis; (5) Playbook; (6) Recommended Drill Schedule.

Playbooks are operating procedures to take in case of a Ransomware attack. This includes technical, law enforcement, and legal measures.

Frameable Certificate of Completion for Each Work Group

Notarized statement that Barraclough has destroyed all confidential records of your audit.


Download Hospital Ransomware Paper

Do you want to win your Medicare or Medicaid Appeal or have any problems with statistical extrapolations? Do you have any questions on how to get started with this process? Use our Contact Page and let us help you win.