HIPAA addresses the privacy and security of electronic protected health information used by health plans, healthcare clearinghouses, and healthcare providers. With the passing of the HITECH Act in 2009, compliance with HIPAA standards is now mandated for all covered entities and their third-party vendors. These business associates are now subject not only to the same HIPAA security and privacy requirements but also to the same civil and criminal penalties. Compliance with these regulations has never been more important for any company doing business in the healthcare industry. Aponia’s Healthcare IT Assessment provides a comprehensive evaluation of your compliance posture so you can be confident that you and your business associates are secure, protected, and up to date.
Key HIPAA Risk Assessment Areas Covered:
- ePHI Environment Review
- Breach Notification
- Encryption Standards
- IT Security Recommendations
- HIPAA Compliance Policies and Procedures
The Aponia Risk Management team follows NIST 800 Risk Management best practice procedures.
Our healthcare IT security experts apply proven processes and utilize a common controls framework. This combines the identified HIPAA controls with other industry best practices for all risk assessments/analyses and gap/compliance assessments.
HIPAA/HITECH Risk Assessment controls include:
- Administrative safeguards
- Technical safeguards
- Physical safeguards
- Policy and Procedures requirements
- Breach notification requirements
Aponia is a recognized leader in cybersecurity risk management and compliance, with hundreds of assessments for healthcare and life sciences organizations, including their business associates. Our expertise in HIPAA/HITECH/Omnibus extends beyond healthcare providers to include service providers (business associates) that fall under newly implemented regulations as part of current healthcare reform.