HIPAA Security Risk Assessment

The Health Insurance Portability and Accountability Act (HIPAA) requires any business that handles electronic protected health information (ePHI) to take reasonable steps to ensure this information remains secure.

HIPAA Covered Entities know they need to become and remain compliant, but they are often overwhelmed by the dense legalese in the rule and wonder whether the costs of becoming compliant will be prohibitive. Legislation such as the Health Information Technology for Economic and Clinical Health Act (HITECH) strengthens the HIPAA Security and Privacy rules; requires “Business Associates” to fully comply with both rules, just like “Covered Entities”; defines “secured” and “unsecured” PHI; and requires that notifications be sent to individuals if their PHI is compromised in a data breach.

The principal goal of the gap analysis is to evaluate the current state of information security practices against the requirements of HIPAA and HITECH. Such an analysis is a regulatory requirement, but a lack of internal resources and expertise often stops organizations from conducting a formal gap analysis, which can leave them open to costly breaches and potentially significant fines.

Solution

ISGRM performs a gap analysis that maps the HIPAA Security Rule’s safeguards to your organization's specific environment to identify gaps in the security program. An integral post-survey consultation helps determine a priority list for the recommended remedial actions. This compliance activity aligns your organization’s policies, processes and procedures with the safeguards. The accompanying documentation demonstrates how the organization was evaluated and provides a prioritized roadmap for remediation.

Benefits

  • Assesses whether or not the organization is safeguarding protected health information based on the requirements outlined in HIPAA
  • Provides documentation with the information required so that you can demonstrate due diligence in the event of an audit by Health and Human Services (HHS)
  • Aligns the organization with breach notification requirements outlined in HITECH

For further information on our HIPAA Security Risk Assessment (HIPAA SRA) service, please contact one of our Sales representatives by calling (727) 537-9273 or by completing our Online Inquiry Form.

Contact Us

Contact ISGRM

We look forward to partnering with clients, new and existing, on their information security needs. Please don't hesitate to contact us if you have questions or wish to speak with us regarding one or more of our services.

Address

ISGRM
P.O. Box 41602
St. Petersburg, FL 33743 USA

Email

sales@isgrm.com

Phone

(727) 537-9273
