What is HIPAA?
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a broad national standard that places protections around healthcare and health insurance in the United States of America. While the standard touches many different aspects of patient care, there are specific provisions or “rules” designed to protect sensitive patient health information from improper use and disclosure. The rules were required by HIPAA to be developed by the Secretary of the U.S. Department of Health and Human Services (HHS). The rules included the HIPAA Privacy Rule, and a subset of requirements labeled the HIPAA Security Rule. The outcome for not adhering to HIPAA requirements can result in civil and even criminal penalties.
The two rules outlined above set the overall requirement for administrative, technical, and physical safeguards as they relate to HIPAA. It is these types of controls that our consultants help organizations to achieve.
How we help achieve HIPAA compliance?
We help your organization meet the control requirements needed to pass an HHS / Office of Civil Rights (OCR) audit review. We do this by offering services designed around the Administrative, Technical, and Physical safeguards.
Risk Management Program Development
Virtual Risk Officer
HIPAA / HITECH Gap Assessments
HIPAA Security Policies
Information Security Policy Development
Information Systems Assessment and Reviews
Security Awareness Training
Business Continuity Plan Development
Vendor Risk Assessments
Penetration Testing Services
Incident Response Plan
Data Breach and Forensic Investigation Services
Network Access Control (NAC) Services
Dynamic Segmentation Security Programs
Identity and Access Management Solutions
Security Log Monitoring
Endpoint Detection and Response Solutions
Virtual Chief Information Security Officer
Virtual Privacy Officer Services
Medical Device Risk Assessments
Physical Security Assessments
Social Engineering Testing Services
Fraud Assessment Services
Business Continuity and Contingency Planning Services
Building Access Control Planning Services
Data Disposal Plan and Solutions
Data Backup Plan and Solutions