INITIAL HIPAA RISK ANALYSIS
HIPAA defines a Risk Analysis as:
an assessment of the risks and vulnerabilities that could negatively impact the confidentiality, integrity, and availability of the electronic protected health information (e-phi) held by a covered entity and the likelihood of occurrence
The HIPAA Privacy & Breach Notification rule also applies to ALL protected health information (PHI) whether in electronic paper or any other format
This risk analysis process will satisfy HIPAA's Privacy, Security & Breach Notification rules as well as the Advancing Care Information category which is a one of 4 parts of the Merit-based Incentive Payment System (MIPS) which requires a successful Security Risk Analysis
The 3 phases of the HIPAA Risk Analysis
The ASSESSMENT phase includes:
- Observing, Identifying, Interviewing
- Documenting
- Gathering information
- Developing remediation plans and
- Working with management to prioritize and design a risk mitigation plan (Risk Management)
The MANUAL DEVELOPMENT phase includes:
- Customized HIPAA Policies and Procedures
- Customized HIPAA forms
The TRAINING phase includes:
- In Person training or online training for workforce members on Privacy, Security & Breach Notification rules
- In person or online training for HIPAA Privacy Officer/Administrator
- Quiz to test understanding of the course content
- Certificates provided at the completion of training
Please allow half a day to a full day, depending on the size and complexity of the facility, to complete the On-site assessment phase. We require the Practice Manager or designated HIPAA compliance officer's assistance in order to conduct the assessment as well as the assistance of your IT service provider
Note: Our HIPAA program does not include computer software support, practice management software support, computer hardware support or Internet Technology support or services
This RA is geared toward small to medium size Healthcare and Dental facilities
CONTACT US FOR A QUOTE OR IF YOU HAVE ANY QUESTIONS