Health Insurance Portability and Accountability Act (HIPAA)

Consulting, Implementation Support, Audit

HIPAA Consulting Overview

We provide HIPAA consulting and implementation support. This includes identification and assessment of EPHI in the network, risk assessment, vulnerability assessment, detailed recommendations, policy/documentation support, gap implementation tracking, training, coaching of data protection officers, internal audit, and management review, leading to successful HIPAA compliance.

What is the approach for successful implementation?

There are primarily five phases, and in each phase there can be several sub-phases:

Phase I – Scope determination
Determines the part of the organisation/network that needs to be covered and that needs control prioritization.

Phase II – Asset identification/Risk Assessment/Gap Analysis
Risk assessment is key to determining the scope of infrastructure and the requirement for controls. This phase results in the identification of each gap.

Phase III – Implementation
Carried out through the definition of policy/procedure/documentation and relevant people/process/technology records.

Phase IV – Internal Audit
The process of verifying successful implementation on the one hand, and the inclusion of security principles in the business lifecycle on the other.

Phase V – HIPAA certification

The total duration of each milestone can vary depending on the complexity of the organisation. Talk or write to us to learn how we can take you through a successful journey.

Security Coverage

The HIPAA Rule covers the following key areas:

Administrative Safeguards

  • Security Management Process
  • Assigned Security Responsibility
  • Workforce Security
  • Information Access Management
  • Security Awareness and Training
  • Security Incident Procedures
  • Contingency Plan
  • Evaluation
  • Business Associate Contracts and Other Arrangements

Physical Safeguards

  • Facility Access Controls
  • Workstation Use
  • Workstation Security
  • Device and Media Controls

Technical Safeguards

  • Access Control
  • Audit Controls
  • Integrity
  • Person or Entity Authentication
  • Transmission Security

Organizational Requirements

  • Business Associate Contracts or Other Arrangements
  • Requirements for Group Health Plans

Policies and Procedures and Documentation Requirements
