January 2012 marked the beginning of the HIPAA audit compliance program, as announced by The Department of Health & Human Services’ Office for Civil Rights.
A total of 150 audits are planned for healthcare organizations of all shapes and sizes to measure their compliance with the HIPAA privacy and security rules. KPMG will be performing audits on covered entities that represent the diverse range of providers, health plans and clearinghouses operating today.
In advance of these audits, industry experts are advising that organizations take steps to prepare themselves for a potential compliance evaluation, including:
Conducting a comprehensive review of security governance documentation and training.
Addressing the entire life cycle of electronic and hard copy protected health information throughout the organization, including its creation, its maintenance, and its disposal.
Examining and documenting in advance any compliance gaps and associated remediation tasks.
VCPI can help your organization measure its current compliance levels and get ahead of the game when it comes to HIPAA audits. We have two assessment offerings that can establish your information security baseline:
Our HIPAA Security Assessment (HSA) is a focused review that covers all Standards and Implementation Specifications in the HIPAA Security Rule as well as requirements related to the HITECH Act Breach Notification rules.
Our Technology Risk Assessment (TRA) establishes a comprehensive, enterprise-wide information security review of your environment, leveraging a combination of applicable laws and regulations concerning information security (i.e., HIPAA Security Rule, HITECH Act) and industry best practices and frameworks (i.e., NIST SP800-53, ISO/IEC 27002, PCI-DSS).
Call VCPI at 877-908-8274 today to schedule your compliance assessment so you are ready to meet any audits that come your way!