hipaa
HIPAA
Consulting Overview

We provide HIPAA consulting and implementation support. This includes identification and assessment of EPHI in the network, risk assessment, vulnerability assessment, detail recommendations, policy/documentation support, gap implementation tracking, training, coaching data protection officers, internal audit, and management review leading to successful HIPAA compliance

What is the approach for successful implementation?
There are primarily five phases, and in each phase there can be several sub-phases:

PHASE I -Scope determination

that part of the organisation/network which needs to be covered which needs control prioritization.

PHASE II -
Asset identification/Risk Assessment/Gap Analysis

risk assessment is key to determine the scope of infrastructure and the requirement for controls. This phase results in identification of each gap.

PHASE III - Implementation

through definition of policy/procedure/documentation and relevant people/process/technology records.

PHASE IV -
Internal Audit

is the process of verifying successful implementation, on one hand, and the inclusion of security principle in business lifecycle on the other.

PHASE V -
HIPAA Compliance

At this stage you can declare yourself to be HIPAA compliant

Security Coverage

HIPAA Rule covers the following key areas

Administrative Safeguards
  • Security Management Process
  • Assigned Security Responsibility
  • Workforce Security
  • Information Access Management
  • Security Awareness and Training
  • Security Incident Procedures
  • Contingency Plan
  • Evaluation
  • Business Associate Contracts and Other Arrangements
Physical Safeguards
  • Facility Access Controls
  • Workstation Use
  • Workstation Security
  • Device and Media Controls
Organizational Requirements
  • Business Associate Contracts or Other Arrangements
  • Requirements for Group Health Plans
Technical Safeguards
  • Access Control
  • Audit Controls
  • Integrity
  • Person or Entity Authentication
  • Transmission Security
Training

We provide bespoke training, listed below are our offerings.

  • Shorter Sessions from 1 hour to 4 hours
  • Interpretation of the HIPAA requirements
  • 1 Day Awareness Session
  • 2 Days Internal Audit Course
  • 3 Days Implementation Course covering 10+ hands on exercises

Upon receiving your request, we will provide you further details.

Documentation Toolkit

HIPAA requires documentation of policies, procedures and records. As a result of several consulting assignments, we have some of the best content available that covers all the requirements.

Our documentation has the following salient features:

  • Alignment with all HIPAA policy documentation requirements
  • Our experiences turned into documentation templates
  • Project Tracking tools to support the implementation
  • Q&A support

Upon receiving your request, we will provide you further details.

Internal Audit

An independent assessment helps to assess the state of compliance. Our internal audit methodology includes people, process, technology and measurements to assure and provide management the degree of HIPAA compliance. Typically it takes 3-5 days to perform a comprehensive internal audit.

Upon receiving your request, we will provide you further details.

Risk Assessment

HIPAA requires a comprehensive risk assessment of ePHI infrastructure that covers users, information assets, network services, policies and procedures, breach response procedure to name a few. We have a complete risk assessment methodology that helps you achieve demonstrate HIPAA requirements.

Let us know if you are interested.

Upon receiving your request, we will provide you further details.

Program Management

Our consulting methodology experience has helped us to understand – what it takes to design and maintain a successful HIPAA compliance. The outsourcing model removes the compliance responsibility to an external team, whereas the management focuses on customer/business delivery.

Upon receiving your request, we will provide you further details.

Call or write to us at :
for proposal / roadmap / information