All health-related entities are required by law to have a specialized IT risk assessment performed to satisfy the requirements of HIPAA – The Health Insurance Portability and Accountability Act.
So, too, are all other companies that do business with these entities, including IT service providers, shredding companies, documents storage companies, attorneys, accountants, collections agencies, and many others. Many of these companies and organizations are not even aware of this legal requirement!
When asked where do organizations suffer the most audit failures, a former director of the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services commented in the “failure to perform a comprehensive, thorough risk analysis and then to apply the results of that analysis.”
OUR HIPPA SERVICE OFFERING:
Our service starts by doing a HIPAA risk assessment which will allow us to generate a complete set of the official reports that comprise a comprehensive HIPAA IT assessment including:
- HIPAA Policy and Procedures,
- HIPAA Risk Analysis,
- Private Cloud on Premises.
- HIPAA Management Plan,
- Evidence of HIPAA Compliance & all associated supporting documentation.
We will combine the mountain of data gathered above with onsite survey which will include photos, observations and supplemental data including a comprehensive checklist of things to look for which we gather at your site.
We will then work with you to complete three worksheets: -a User Identification Worksheet, a Computer Identification Worksheet, and a Share Identification Worksheet.
We will combine all of the above to generate a Security Exception document, then analyze and organize them all into a set of official HIPAA Compliance reports and documents.
Our service will also include comprehensive hour long HIPPA training for all your employees. We can also provide you with short training videos that any new employee needs to complete.
- Administrative Safeguards
- Security Management Process
- Workforce Security
- Information Access Management
- Contingency Plan
- Facility Access Controls
- Workstation Security
- Device and Media Controls & Access Control.