HIPAA-HITECH

The Health Insurance Portability and Accountability Act (HIPAA) and subsequent Health Information Technology for Economic and Clinical Health (HITECH) Act define policies, procedures and processes that are required for organizations that store, process or handle electronic protected health information (PHI).

The HIPAA Privacy Rule and Security Rule establish national standards for maintaining the confidentiality, integrity, and availability of PHI, requiring organizations and individuals to implement a series of administrative, physical, and technical safeguards when working with PHI.

Identifying compliance gaps within a healthcare organization can minimize the chances of a costly and sometimes devastating data breach. Our unique network penetration strategies help health industry clients protect not only the well-being of their patients but also patient privacy from cyberattack, while complying with HIPAA-HITECH.

Failure to comply with the acts may result in monetary penalties. Section 13410(D) of the HITECH Act establishes four degrees of culpability, based on an organization’s knowledge and response in complying with the law. The growing number of litigation settlements resulting from HIPAA violations underscores the serious risks associated with non-compliance and highlights the need for IT audits.

To help meet HIPAA-HITECH regulatory requirements, Canaudit will identify and demonstrate real-world threat vectors and provide recommendations to protect data confidentiality, integrity and availability. Our compliance reviews include a risk analysis to identify a number of controls, threats and vulnerabilities relevant to the HIPAA Security Rule.

Canaudit’s experience in healthcare includes hospitals, health plans, laboratories, private practices, and major healthcare systems serving the nation. We understand the liabilities associated with patient health information, and our strategies result in robust reports that uncover weaknesses that other information technology audit firms miss.

HIPAA Security Safeguards (PDF)
Four Degrees of HIPAA Security Violations (PDF)

Related Services:

Network Penetration and Vulnerability Assessment
IT System Audit and IT Security Review
IT Policy and Procedure Review
Physical Security Review
PCI DSS Compliance Review
PCI DSS 3.1 Gap Analysis