But understanding what the law says about HIPAA compliance is only the start. Your IT partner must also know how to properly assess the current state of your IT and know how to develop and implement a strategy to get you to where you need to be.
It all begins with a comprehensive audit of your current IT systems.
After you have made the informed choice to partner with VITECH, we will do an on-site interview with your Privacy & Security Compliance Officer and perform a facility walkthrough and inspection – looking to ensure that appropriate safeguards for storing and accessing PHI/PII are in place.
Following this, we will dive a little deeper to analyze the compliance status of your workstations, servers, and network.
Part of the analysis that we undertake in this process is surveying your systems for risk and vulnerability. This Comprehensive Risk Analysis utilizes NIST Methodology and covers Administrative, Physical, and Technical Safeguards under 45 C.F.R. § 164.308 (a)(1)(ii)(A) Because HIPAA is an extensive piece of legislation, the parts of an audit are, by necessity, extensive. Here is a list of the areas that we routinely review within this process.
Our Vulnerability Assessment is central and essential to this process. An external vulnerability scan is performed to look for holes in the network, and an internal vulnerability scan can be performed upon request. Once we have completed this exhaustive HIPAA Compliance Audit, we will provide you with an Evidence of HIPAA Compliance Report Package which includes:
At the conclusion of our HIPAA Compliance Audit, we will meet with your executive and internal IT management personnel to deliver the results of the audit, a Risk Management Plan, and Remediation Guidance.
Fill In The Form Below for industry news, information about our services, events, webinars and more.