HIPAA / HITECH Assessments
Protect the confidentiality, integrity, privacy, and availability of electronic protected health information(ePHI)
Audit Peak can perform a readiness or validation assessment against the HIPAA security and privacy safeguards as well as the HITECH breach notification requirements.
Improve Security Posture
HIPAA / HITECH Security Rule Readiness Assessment
Evaluating confidentiality and security safeguards
Audit Peak will perform a thorough review of your organization’s administrative, technical, and physical safeguards, along with the policies and procedures in place to safeguard the security, confidentiality and availability of electronic protected health information (ePHI), as well as the HITECH breach notification requirements. We will provide you with a detailed gap assessment outlining the current controls in place that would satisfy the HIPAA compliance requirements. The deliverable will also include any identified deficiencies/gaps along with best practices for remediating the deficiencies/gaps and any key control gaps that require immediate remediation.
HIPAA compliance involves fulfilling the requirements of the Health Insurance Portability and Accountability Act of 1996, its subsequent amendments, and any related legislation such as HITECH. HIPAA’s goal is to keep patients’ protected health information (PHI) safe and secure, whether it exists in a physical or electronic form. As such, HIPAA requires that healthcare facilities (hospitals, clinics, and private practices) who have access to PHI take actions to ensure the protection of patient data.
While the Security Rule covers only PHI that is in electronic form (ePHI), the Privacy Rule applies to all forms of patients’ PHI, whether electronic, written, or oral. The HIPAA Privacy Rule requires all Covered Entities to have a signed Business Associate Agreement (BAA) with any Business Associate they engage with that may come in contact with PHI.
Build Trust And Confidence
HIPAA / HITECH Validation
Audit Peak will independently validate your compliance against the HIPAA / HITECH requirements and provide your organization with a report demonstrating your level of compliance.