HIPAA Compliance Audit - HIPAA Security Compliance
Meet HIPAA compliance and HITECH security requirements with a comprehensive audit of you organization’s security controls or validate your own internal HIPAA audit or risk assessment.
Thorough compliance focused security analysis affords the least impact to the organization for validation with nearly 60 unique security provisions within the HIPAA Security Rule (45 CFR Parts 160, 162, 164). Many organizations are concerned about how to demonstrate conformity with the least amount of impact to the organization; our audit process helps your organization meet HIPAA Regulatory requirements as well as the HITECH Act’s ” Meaningful Use “.
Health Insurance Portability and Accountability Act of 1996 – HIPAA
Health Insurance Portability and Accountability Act of 1996 – HIPAA attempts to answer this concern by placing requirements for assessment into the Rule: Sec. 164.308 Administrative Safeguards. A covered entity must conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of protected health information held by the entity. Where is electronic protected health information stored and how does it move through your organization? What risks and foreseeable threats exist today to your information, systems, and facilities? Where are your weaknesses, vulnerabilities, and misconfiguration? Are you HIPAA Compliant? Do you conform to the HIPAA Security and Privacy Rules? What is HIPAA Compliance anyway?
Need a road map to HIPAA security? Need to know how to be HIPAA compliant?
There are 77 audit protocol provisions of the Security Rule that covered entities (the HIPAA Omnibus Rule greatly expanded who is considered a covered entity) must consider for implementation in addition to the 88 required audit provisions of the Privacy Rule each of these provisions is frequently refereed as a separate rule hence: HIPAA Security and Privacy Rules even through there is only a single HIPAA Rule for each privacy and security. You much have documentation indicating whether the audit provision or protocol was considered reasonable and appropriate; was implemented, whether it was implemented through an alternate solution, or whether it was not implemented at all and why…. How much security is enough for your organization? What is reasonable and appropriate? What proof do you have to support your decisions??? Is Addressable really required” in order to pass a HIPAA Audit? Need to know how to be HIPAA compliant?
HIPAA Regulatory Security Assessment or HIPAA Audit
A HIPAA Regulatory Security Assessment or Audit provides the unbiased analysis and documentation of your security measures and delivers the detailed information you need to design, plan, and implement improvements.
- On-site Assessment — Inspects the state of your administrative, physical, and
technical security policies, plans, procedures, systems, and networks.
- Risk Assessment — Identifies assets, potential threats, and operational risks
- Internal & External Vulnerability Assessment — Identifies technical weaknesses and vulnerabilities.
- Gap Analysis — Identifies areas that conform and those that do not to the Security Rule provisions and is used for planning of any remediation efforts and proof of due-diligence.
- Remedy Recommendation —Documents reasonable and appropriate recommendations to support your rationale in designing and implementing any Required and Addressable safeguards.
Subject Matter Experts (SMEs) in HIPAA Compliance
We are subject matter experts (SMEs) in HIPAA Compliance, HITECH Audits and security assessment – our skilled and experienced security consultants deploy with all the tools necessary to assess your organization’s security controls within a process specifically designed for HIPAA Security and Privacy Rules compliance. The result is an in-depth documented assessment and recommendation/remediation package. Findings are reviewed in detail with your staff.
Offset the Cost of HIPAA Compliance
Offset the cost of compliance with outsourced efficiency. An investment is required to acquire the security expertise, planning, implementation processes and tools to accurately and thoroughly audit for compliance. Spohn’s HIPAA Audit offsets the total cost of periodic auditing through lower cost on demand services .
- HSS.Gov – HIPAA Rule Summary Compliance
- HSS.Gov – HIPAA Audit Protocol – July 2012
- HSS.Gov -HIPAA Resource Page
- Health Insurance Portability and Accountability Act (HIPAA) – Wikipedia
Contact Spohn Consulting for a comprehensive HIPAA Risk Assessment
Our risk assessment and audit processes are the prefect tools to validate your company’s HIPAA Security / Privacy Rule compliance, Texas Medical Privacy or California Medical Privacy Law compliance. A HIPAA security audit will assess your organizations overall security posture, definitively answer your company’s HIPAA compliance concerns and it puts your mind at ease. Call us today at 512.685.1835 or 512.685.1000.
Do you conform to the HIPAA Security and Privacy Rules??
Texas Medical Privacy Law , California Medical Privacy Law (laws) and Florida’s FIPA are already in affect, with other states like New York, Colorado and Alaska looking to follow suit soon. Compliance was required within 60 days – Did you make the deadline? Could you?? Are you ready to be audited today? Settlements from this year’s and last year’s HIPAA compliance audits are ear marked for next additional enforcement efforts – more audits. There are substantial penalties for non-compliance and new training requirements – don’t be one of the unprepared funding the next round of compliance audits!!