Home Blog Sitemap Contact Us

Health Insurance Portability and Accountability Act (HIPAA)

Consulting, Implementation Support, Audit


HIPAA Consulting Overview

We provide HIPAA consulting and implementation support. This includes identification and assessment of EPHI in the network, risk assessment, vulnerability assessment, detail recommendations, policy/documentation support, gap implementation tracking, training, coaching data protection officers, internal audit, and management review leading to successful HIPAA compliance, 

What is the approach for successful implementation?

There are primarily five phases, and in each phase there can be several sub-phases:

Phase I – Scope determination
that part of the organisation/network which needs to be covered which needs control prioritization.

Phase II – Asset identification/Risk Assessment/Gap Analysis
risk assessment is key to determine the scope of infrastructure and the requirement for controls. This phase results in identification of each gap.

Phase III - Implementation
through definition of policy/procedure/documentation and relevant people/process/technology records.

Phase IV – Internal Audit
is the process of verifying successful implementation, on one hand, and the inclusion of security principle in business lifecycle on the other.

Phase V – HIPAA certification
Total duration of each milestone can vary depending upon the complexity of the organisation. Talk or write to us at roadmap@www.coralesecure.com to know how we can take you through a successful journey.

Security Coverage

HIPAA Rule covers the following key areas

Administrative Safeguards

  • Security Management Process
  • Assigned Security Responsibility
  • Workforce Security
  • Information Access Management
  • Security Awareness and Training
  • Security Incident Procedures
  • Contingency Plan
  • Evaluation
  • Business Associate Contracts and Other Arrangements

Physical Safeguards

  • Facility Access Controls
  • Workstation Use
  • Workstation Security
  • Device and Media Controls

Technical Safeguards

  • Access Control
  • Audit Controls
  • Integrity
  • Person or Entity Authentication
  • Transmission Security

Organizational Requirements

  • Business Associate Contracts or Other Arrangements
  • Requirements for Group Health Plans

Policies and Procedures and Documentation Requirements

Contact Us Now !

Consulting Services

ISMS-ISO 27001  |  ITSM-ISO20000  |  BCMS-ISO22301-BS 25999  |  ERM-ISO31000  |  SSAE 18 - ISAE 3402 - SOC 2  |  PCI-DSS  |  HIPAA  |  IT Governance-COBIT  |  Network Security Assessment  |  Penetration Testing  |  Integrated Management System

Buy

ISO 27001 Documentation Toolkit  |  ISO 27001 Checklist & Evidences  |  ISO 20000 Documentation Toolkit  |  ISO 22301 Documentation Toolkit  |  HIPAA Documentation Toolkit  |  COSO Documentation Toolkit  |  SOC 1 Documentation Toolkit  |  SOC 2 Documentation Toolkit

Training

ISMS - ISO 27001 Training  |  SMS - ISO 20000 Training  |  HIPAA Training  |  BCMS - ISO 22301 Training 

Best Practices

ISMS 27001-2013 Standard  ISO 31000-2009 StandardBCMS ISO 22301-2012 Standard  |  SMS ISO 20000-2011 Standard 

Why Coral?

Why Coral?  |  Vision  |  Consulting Methodologies  | Coral News

Knowledge Centre

Coral Blog  |  Differences between Standards  |  Meet the Experts  |  ISO 27001 Consultant Skills  |  ISO 20000 Consultant Skills |  ISO 22301 Consultant Skills

Contact Us

India  |  USA  |  Mauritius  |  Worldwide  |  Coral is seeking world-wide Partners  Join our mailing list  |  Careers  |  Employers of Governance Professionals  |  Current External Positions
© 2012 www.coralesecure.com, All rights reserved
Web Design by http://www.indiainternets.com