HIPAA Compliance Services
We partner with a leading industry software tool to provide technology-supported annual HIPAA Risk Assessments. This software helps reduce the cost and time needed to conduct the assessment, and then acts as a project management tool as you work through your risk remediation process.
Our Clients: Who needs an Annual Risk Assessment?
Medical Healthcare Providers
Private practices, Mobile clinics, Tele-health providers, Stand-alone ERs, Rehabilitation facilities, Reproductive healthcare and LGBTQIA+ healthcare providers.
Mental Healthcare Providers
Individual, couple, family or group counseling providers. Psychiatrists and Psychologists who work for themselves or with a larger practice.
Non-Profits and Business Associates
Non-profits who work with medical or mental healthcare providers and who may come into contact with PHI. Business Associates of compliant providers who have access to facilities or data, directly manage, or transmit their client’s PHI.
Services Overview
We enjoy working with the structure of compliance regulations to help improve your organization. HIPAA Compliance and Risk Assessment has a bad reputation for being boring and dry, and we really revel in helping make it more fun.
At the core, we work with HIPAA Compliance because we like to help organizations get better, and HIPAA allows us a framework within which to conduct organizational assessments and offer recommendations and support.
HIPAA violations and security risks exist within the context of your organization. While conducting your HIPAA risk assessment, we simultaneously conduct an overall Operational Assessment. This allows us to make detailed and actionable recommendations that work in the context of your organization.
HIPAA regulations are dense and can be difficult to navigate. We use our knowledge and experience to make this easy on you while we help you determine what security measures are “reasonable and appropriate” for your unique organization.
Discovery Phase: The Assessor works closely with the client to gather information about the organization’s Security and Compliance Position. This may include group and individual staff interviews, facility inspections, Cyber Security Scans, and document review.
Analysis Phase: The Assessor works independently, with limited input needed from the client, to develop a recommendation and remediation plan.
Results Delivery Phase: The Assessor works with the client to deliver, refine, and clarify findings and recommendations.
Remediation Phase: The client works independently using the software tool to address risk remediation and improve their Compliance Position. The client has access to the Assessor for follow-ups and support as needed throughout the year following their assessment.