HIPAA Gap Analysis

The Health Insurance Portability and Accountability Act (HIPAA) requires any business that handles electronic patient health information (ePHI) to take reasonable steps to ensure this information remains secure.

HIPAA Covered Entities know they need to become and remain compliant, but they are often overwhelmed by the dense legalese in the rule and wonder whether the costs of becoming compliant will be prohibitive. Legislation such as the Health Information Technology for Economic and Clinical Health Act (HITECH) strengthens the HIPAA Security and Privacy rules; requires “Business Associates” to fully comply with both rules just like “Covered Entities”; defines “secured” and “unsecured” PHI; and requires that notifications be sent to individuals if their PHI is compromised in a data breach. The principal goal of the gap analysis is to evaluate the current state of information security practices against the requirements of HIPAA and HITECH. This is a regulatory requirement, but a lack of internal resources and expertise often stops organizations from conducting a formal gap analysis, which can leave them open to costly breaches and potentially significant fines.


ISGRM performs a gap analysis that maps the HIPAA Security Rule’s safeguards to your organization's specific environment to identify gaps that exist in the security program. An integral post-survey consultation helps determine a priority list for the recommended remedial actions. This compliance activity aligns your organization’s policies, processes and procedures with the safeguards. The accompanying documentation demonstrates how the organization was evaluated and provides a prioritized roadmap for remediation.


  • Assesses whether or not the organization is safeguarding protected health information based on the requirements outlined in HIPAA
  • Provides documentation with the information required so that you can demonstrate due diligence in the event of an audit by Health and Human Services (HHS)
  • Aligns the organization with breach notification requirements outlined in HITECH

For further information on our HIPAA Gap Analysis service, please contact one of our Sales representatives by calling (954) 800-0397 or by completing our Online Inquiry Form.

Contact ISGRM

We look forward to partnering with clients, new and existing, on their information security needs. Please don't hesitate to contact us if you have questions or wish to speak with us regarding one or more of our services.


550 North Reo St.,
Tampa, FL 33609, USA




(954) 800-0397


Email: sales@isgrm.com