Delivering premier health information technology services to government agencies, public entities, and other organizations nationwide.


Mr. Larry Jasmann

Program Manager

T: (202) 737-7284
F: (202) 618-6234

Evaluating, Auditing, and Implementing Proactive Cybersecurity Measures

Cybersecurity Protection of Networks, Systems, Functions, and Data

Continuous Risk Management

Privacy and Confidentiality of Health Care Data Protection

PathfinderA+ Cybersecurity Services
Support of Centers for Medicare and Medicaid Services

Operational Readiness Support

Production Data Conversion

// what we offer

Cybersecurity Strategic Planning

As part of the Department of Homeland Security (DHS) OCIO Strategic Planning process for 2019 – 2023, Pathfinder A+ supported cybersecurity protection of DHS networks, systems, functions, and data. Going forward, provide a continuously mature the DHS cybersecurity posture and enable the DHS cyber-strategy.

  • We assisted in establishing Cyber Defense Measures Attributes and deterrence of unacceptable behavior in cyberspace. Priority focus areas included: Real time, threat-informed; Ensure continuous risk management; Supply a full Continuous Diagnostic Monitoring (CDM) solution; and Solidify security by design.
  • The Strategic Plan covered Data Security Implementation Data Protection Practices to safeguard DHS systems and applications.
  • Strategic Planning also encompassed Mobile Device Security Maturation for the DHS Enterprise Mobile Management cybersecurity posture.
  • The Pathfinder A+ role for DHS is to ensure cybersecurity standards continuously mature the techniques set forth in policy, and strategies to enable a strong cybersecurity posture.
// what we offer

Privacy and Confidentiality

Pathfinder A+ has assisted the Office of the National Coordinator for Health IT (ONC) with numerous issues related to protecting the privacy and confidentiality of health care data as they are exchanged between systems. For ONC’s Patient Centered Outcome research (POCR) project, we analyzed and developed technical standards for implementing and sharing individual consent (basic and granular choice) for the sharing of health information in healthcare settings and in a research environment. We also have worked with ONC’s Consent to Share (C2S) program, which addresses consumer consent for healthcare information sharing with a focus on behavioral health information. In addition, we have supported ONC’s Office of Standards and Interoperability to develop standards for protecting patient information when such information is shared between systems.

// what we offer

Security Controls Assessment

In support of Centers for Medicare and Medicaid Services (CMS) Enterprise Electronic Change Information Management Portal (ECHIMP). Pathfinder A+ conducted a Security Controls Assessment (SCA) which was completed with no findings and passed two Authorizations to Operate (ATOs).

// what we offer

Security Testing

Pathfinder A+ provides a broad range of software development and support services for Enterprise ECHIMP, which include but are not limited to security testing support, Operational Readiness Support, operational manual updates, beta testing, production roll out support, including production data conversion, post implementation support, future releases and updating documents as required. Specific deliverables are:

  • Business Product/Code ready for CMS operations and maintenance
  • Final CMS SSP and/or ISRA using the CMS FISMA Controls Tracking Tool (CFACTS)
  • Final CMS Contingency Plan using the CMS FISMA Controls Tracking Tool (CFACTS)
// what we offer

Cybersecurity Architecture

For DHS CISA, Pathfinder A+ is developing nodal relationship diagrams illustrating text-based content such as organizational strategy, NIST Cybersecurity Framework (CSF), and other texts of interest using freeform, or framework conformant techniques as required. We develop architecture-related products to include extrapolating data from disparate artifacts, researching strategic technologies, and creating documentation content. Our staff assist with development of communication documentation regarding CISA’s strategic technology requirements to industry; developing and maintaining strategic technology recommendations based on federal strategies, identified gaps, CISA mission, and program requirements; and working with CISA’s Continuous Diagnostics & Mitigation (CDM) dashboard.

// what we offer

Government to Citizen Relationship Management

Under a replacement program for FDA’s Adverse Event Reporting System (FAERS II) we provide a classic example of enabling transparent interaction between government (FDA) and citizens (G2C), government and business enterprises (B2G) and government to government relationships (G2G). We develop web portals for enabling government to citizen relationship management and to disseminate adverse event information through QlikSense dashboards. Enterprise Submissions Gateway enables the Business to Government relationship for regulatory compliance data submissions from the drug and pharmaceutical industry. Maintenance includes case processing and submission platform on pre-market (including bio-equivalence trials) and post-market safety reports along with product quality defect reports.