Healthcare providers are the heroes of our society. To help our heroes protect their operations, the H-ISAC has partnered with RiskRecon to provide all healthcare organizations free cybersecurity rating assessments through December 31, 2020.

Using safe, non-invasive techniques, RiskRecon helps hundreds of organizations better understand and act on their own enterprise and third-party cybersecurity health by continuously discovering their digital footprint and assessing their cybersecurity across 40 security criteria spanning thousands of security checks. Safe. Informative. Actionable.

If you are a healthcare organization, simply complete the form below. RiskRecon will verify your request and provide you continuous assessment of your cybersecurity health. No other work required on your part. It is that simple.

Get your free subscription

  1. Complete the form.
  2. Respond to RiskRecon’s verification request.
  3. Receive PDF of initial assessment and credentials to the RiskRecon portal.
  4. Access the RiskRecon portal to understand your cyberhealth and to access RiskRecon support

Benefits of the Assessment

Internet Surface Discovery
  • Digital footprint - known and unknown
  • Hosting providers
  • Geolocation
Comprehensive Security Assessment
  • Software patching
  • Network filtering
  • Web application security
  • Web encryption
  • IP reputation
  • Email security
  • DNS security
  • Defensibility
  • Data loss


Mastercard Disclaimer
By providing free security assessments using public data for healthcare organizations, Mastercard makes no representations or warranties of any kind, express or implied, with respect to the contents of the assessments. Without limitation, Mastercard specifically disclaims all representations and warranties, including but not limited to any and all implied warranties of merchantability, fitness or suitability for any purpose (whether or not Mastercard has been advised, has reason to know, or is otherwise in fact aware of any information), or accuracy of the assessments or any use made of the assessments. Any action taken using the security assessments is strictly at the organizations own risk.