Slogan  

HIPAA Security Risk Assessment

Have you conducted an IT Security Review recently?

If your answer is NO, you could be open to substantial penalties and fines.


Provide Security Risk Assessment for your Practice

Patient confidentiality and record security is an important concern for every practice with the latest HIPAA laws in place and the compliance reviews being conducted at physician's practices. It's important for every practice to have a Policies and Procedures, trained staff, and a Security Officer who regularly monitors the risks associated with the HIPAA requirements.


Physician's Ally Has the HIPAA Solution

Our HIPAA Security Experts will walk your Practice through a detailed, customized HIPAA Security Risk Assessment.  The final product will be an additional HIPAA Security Compliance Policies and Procedure Manual for a project fee of $2,500.  The new manual would contain a complete Risk Analysis, Identification of Threats, Magnitude of Risk, and Gap Analysis that addresses the HIPAA-required risk analysis (45 CFR § 164.308 Administrative safeguards, 45 CFR § 164.310 Physical safeguards, 45 CFR § 164.312 Technical safeguards).  


What Does a HIPAA Security Risk Assessment Entail?

We begin the project with an (estimated) 3-hour client ‘interview,’  in which we gather the salient information on the practice’s current IT set-up.  Through use of an extensive audit tool, we streamline the client interview process. 

Based on the Practice’s unique areas of exposure, Physicians’ Ally, Inc.’s team researches solutions to any identified Security Risk exposure.  Physicians’ Ally, Inc. creates necessary Policies and Procedures and identifies recommendations for staff training and future areas of attention by the Practice.  Examples of some policies and procedures generated for other clients in the past are: 

Sample of Administrative Safeguard Policies and Procedures: 

Data Backup Plan 
Disaster Recovery Plan 
Information System Activity Review 

Sample of Physical Safeguard Policies and Procedures: 

Workstation Security 
Document Disposal 
Media Re-Use 

Sample of Technical Safeguard Policies and Procedures: 

Unique User Identification 
Emergency Access Procedure 
Encryption 

The project engagement will wrap-up with a 1-hour (estimated) meeting with the Client at which work products will be presented, discussed and delivered.  Work products include a hard-copy or flash drive version of the new HIPAA Security Manual and recommendations for next steps.  

Ongoing client work can continue beyond the project under an hourly Consulting Agreement.  

 

Powered by Freestone Products Ecommerce Software