Organizations that store, process, or send personal health information (PHI) must follow the HIPAA Act. This is to ensure the safety of all protected personal data.
Ensure that your organization meets HIPAA compliance and HITECH security requirements. Get a HIPAA audit or risk assessment.
What is HIPAA Compliance?
HIPAA compliance refers to conforming to the provisions of the HIPAA Security Rule. This means complying with ambiguous language and terms like “addressable,” which sounds optional but is mandatory.
Compliance is tricky and very complex – that is why we employ a team of experienced auditors and security consultants to produce a HIPAA Compliance Assessment report and detailed Opinion report. These reports map out your adherence to the HIPAA Security Rule, show to what level you comply, and suggest how to achieve complete compliance (remediation). We also find the likelihood of compromise your organization faces should you choose to accept the risk of lower compliance.
You do not automatically comply with Texas HB 300 (Texas Medical Privacy Law) or California Medical Privacy Laws. Further, simple compliance comes nowhere near meeting Florida’s FIPA Privacy Law guidelines. HIPAA compliance becomes more complex and more costly if you fail to meet compliance requirements.
Complications of HIPAA Compliance
77 audit protocol provisions cover entities that are considered for implementation. These are in addition to the 88 required audit provisions of the Privacy Rule.
Each of these provisions is frequently referenced as a separate rule, but there is only a single HIPAA Rule each for privacy and security. Documentation must show reasonable consideration of each provision or protocol and its implementation. It must also show whether implementation was through an alternate solution, and why.
HIPAA Regulatory Security Assessments or HIPAA Audit
A HIPAA Regulatory Security Assessment or Audit analyzes and documents your security measures. We deliver the detailed information you need to design, plan, and implement improvements such as:
- On-site Assessment — We inspect the physical aspects of your administrative, physical, and technical security, as well as aspects of security such as the state of your policies, plans, procedures, and networks.
- Risk Assessment — Identifies assets, potential threats, and operational risks
- Internal & External Vulnerability Assessment — Identifies technical weaknesses and vulnerabilities.
- Gap Analysis — Identifies areas that conform to the Security Rule provisions and is used for planning any remediation efforts and as proof of due diligence.
- Remedy Recommendation — Documents reasonable and appropriate recommendations to support designing and implementing any Required and Addressable safeguards.
Please view our HIPAA BAA Compliance Page for more information.