The Health Information Portability and Accountability Act (HIPAA) was enacted in 1996 addressing the security and privacy of health care data. In addition, The Health Information Technology for Economic and Clinical Health Act (HITECH Act) was enacted as part of the American Recovery and Reinvestment Act of 2009 (ARRA) and signed into law on February 17, 2009. The HITECH Act amended HIPAA with significant changes to data breach notification, enforcement, and penalties.
SecureState’s HIPAA Gap Assessment will review your systems and processes to identify areas of non-compliance.
- Compliance with the HIPAA/HITECH
- Identification of non-compliant areas and understanding of what actions are needed to comply with the HIPAA Security and Privacy Rules
- Proper 3rd party objective demonstration of HIPAA/HITECH compliance
- Avoidance of damages often totaling millions of dollars that could result from a ePHI/PHI compromise
- Reduction of the cost, confusion, and complexity of HIPAA/HITECH compliance
SecureState’s Audit & Compliance consultants are experts in understanding both the technical aspects as well as the business aspects of your organization. Our experienced Team Members have worked with many organizations in the commercial, government, and health and human services sectors; including providers and service organizations. As part of these relationships, SecureState has gained extensive knowledge and experience with National Institute of Standards and Technology (NIST) security control frameworks, such as NIST SP 800-66, that are commonly used in government agencies and can be adopted by commercial organizations. In addition, SecureState has a number of CIPP professionals as well as a former HIPAA Compliance Officer for a Fortune 500 financial institution on staff to assist with both the Security and Privacy Rules outlined within HIPAA.