Baylor College of Medicine – Human Genome Sequencing Center
Established in 1996, the Baylor College of Medicine – Human Genome Sequencing Center (BCM-HGSC) is a world leader in genomics. The center is one of three large-scale sequencing facilities funded by the National Institutes of Health The primary focus of the BCM-HGSC is high-throughput DNA sequence generation and the accompanying analysis. The sequencing data are analyzed and deposited regularly in the public databases ensuring that the worldwide research community has timely access to the data, advancing efforts in the research of human diseases.
BCM-HGSC’s NIH Grant requires compliance with FISMA guidelines including NIST 800-37 (RMF) and NIST 800-137 (Continuous Monitoring). BCM-HGSC was required to demonstrate initial compliance on a tight timeline. This required them to quickly onboard deep expertise and process experience to ensure they met this goal. BCM-HGSC also wanted to implement a risk management program for their security authorization & assessment (SA&A) process.
BCM-HGSC called on TalaTek to help with their immediate need for FISMA compliance. Once the initial project was complete, BCM-HGSC engaged TalaTek to develop a risk management program for their unique needs including current compliance requirements and future requirements. Today BCM-HGSC tracks compliance with over 300 Moderate NIST 800-53, Rev. 4.0 controls via continuous monitoring.
As BCM-HGSC expands its operations, they now have the need to demonstrate compliance with HIPAA Privacy and Security rules. TalaTek performed an initial gap analysis, including a mapping of HIPAA controls and requirements to FISMA controls currently implemented in the BCM-HGSC environment. A HIPAA implementation plan from TalaTek will include the recommend steps for integrating HIPAA controls into their existing risk management program.
“TalaTek has helped us navigate the challenges of FISMA compliance while always keeping our security status in mind and costs down. TalaTek’s subject matter experts helped our team effectively prioritize efforts to meet our security and compliance needs. They have been flexible and responsive, tailoring solutions to our unique concerns.”
-Information System Owner (ISO), Baylor College of Medicine – Human Genome Sequencing Center
To learn more about how the TalaTek team has helped BCM-HGSC build a risk management program that aligns with their business goals read the case study.