We review the required elements of the HIPAA Privacy, Security, and Breach Rules against your compliance program. Over one hundred questions are asked and evaluated to provide you a complete HIPAA compliance overview of your where you stand with suggestions on items to be addressed.
We review your threats to ePHI and your policies and procedures in place to protect your ePHI. A serious of questions and reviews are completed to provide your Meaningful Use Risk Assessment Report. This option meets the Core measure for meaningful use but does not provide further HIPAA assessments.
The entire rule is reviewed as in the General Assessment above plus we perform the threat to ePHI review required for a Security Rule Risk Analysis report. All information is provided in a report that shows your risk level, operations compliance level, gaps to fill, threats to be addressed and more.
Everyone needs a coach to keep them on track. Kardon Compliance helps you review your compliance plan and keeps you on track with tasks by making accountability review dates.
ComplyAssistant is the cornerstone of our management tools. The web based software provided project management, document management, breach and event management, and more. The extensive documentation requirements of HIPAA 2.0 are really hard to manage properly without a tool like ComplyAssistant.
Our assessments will ask if you have a policy or procedures in place. If you need someone to review those polices and procedures with you to check for changes that could be made, we are here for that too.
You need to review the Physical Safeguards of each of your sites. We can visit your offices and remote locations to look for problems and confirm safeguards are in place. Our detailed report includes photos of the sites and more.
There have never been so many concerns for Business Associates before under HIPAA. You can be doing everything right in your compliance plan but a failure by one of your BAs can land you in the middle of an OCR investigation and media storm without you seeing it coming. It could even come from a BA of YOUR BA. We can help you review your contracts, documentation, BA compliance status and build a plan to make sure they are doing best to protect you and your patients.
A complete and thorough Risk Analysis requires a good bit of thought and documentation. The HIPAA Security Rule requires CEs and BAs to “Conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of electronic protected health information held by the organization”.
There seem to be many people who believe a Risk Analysis is a checklist of questions that you answer in a spreadsheet and you are done. There is a good deal more to the Risk Analysis recommended for HIPAA than a simple checklist of questions. Detailed analysis, documentation and research are required to complete the Risk Analysis as intended by the Security Rule.
Kardon Compliance performs Security Risk Analysis’ for practices and their Business Associates. Other Services offered include: