HIPAA Auditing
Information about HIPAA Auditing
What is HIPAA Auditing?
The great significance, and benefits of HIPAA Auditing
are patently clear; in the absence of HIPAA Auditing, dangers and
fines are sure to result. HIPAA, the Health Insurance Portability and Accountability Act,
sets the standard for protecting sensitive patient data. Any company
that deals with protected health information (PHI) must ensure that the
required physical, network, and process security measures are in place,
and followed.
Dynamic developments are taking place to secure Protected Health Information
(PHI); HIPAA Auditing is crucial. The HIPAA
Security Rule has been in effect since 2003. In 2009, Health and Human
Services (HHS) added “business associate” to entities that must comply
with the HIPAA Act of 1996. In 2009, the American Recovery and
Reinvestment Act (ARRA) was signed into law. Part of this new law, the
HITECH Act, includes HIPAA Auditing and breach notification requirements, for
HIPAA covered entities.
Our InfoSight Compliance and Security Specialist urges you to prepare
for HIPAA Auditing, by using InfoSight to perform your Risk
Assessment, focusing on your technology, people, IT environment, and
processes, across seven security domains; Management and Policy, Access
Control, Authentication, Awareness, Content Security, Threat Management,
and Encryptio, using forty-three (43) threat agents
representing internal/external events that may disrupt your processes and activities.
Healthcare providers receive financial incentives to upgrade Electronic Health Records (EHR)
systems or purchase EHR systems, which deliver a secure set of
electronic services in keeping with the HITECH Act, a provision of the American Recovery
and Reinvestment Act of 2009 (ARRA). This can strengthen your HIPAA
Auditing preparation, and your compliance record. The program, started in 2011, ends in 2015.
Partner with InfoSight Inc.!
If you would like more information regarding HIPAA Auditing, contact
us today to discuss your requirements.
Complementary Services
Vulnerability Assessment
IT Risk Assessment
Social Engineering Testing and Training