The first step in performing a valid comprehensive HIPAA assessment is collecting and organizing the vast amount of data from a variety of sources. Our software tools provide a central repository to safely and securely collect the information.
Next, we conduct a “site interview” to obtain the answers to a series of questions about HIPAA-related IT issues such as ePHI. This step ensures we collect the same information a government auditor seeks.
Then we conduct an onsite survey to observe the environment and check on a wide range of security policies. There’s no guesswork here: Our service includes a comprehensive checklist of things to look for.
We use a series of computer-generated worksheets that are automatically cross-correlated with the collected data to ensure there are no anomalies. We also run local HIPAA scanners on each PC in your office to collect even more HIPAA-required data. All the information gathered is then analyzed by our specialists and organized into a set of official HIPAA Compliance reports and documents that we certify and provide to you as part of our service offering.
Preparing all of these documents is the most important step in avoiding fines for “willful neglect” of the law. But in order to provide the protection you need from a potential data breach and HIPAA fines, we review, prioritize and recommend fixes for any issues deemed to be potential HIPAA violations.