HIPAA/HITECH Compliance Assurance

To ensure HIPAA compliance, Covered Entities and Business Associates must comply with the latest HIPAA Privacy, Security, Enforcement, and Breach Notification Rules since Sept. 2013. Have an industry professional walk you through the steps personally, or use our “Do-It-Yourself” (DIY) online toolkit to ensure compliance with the latest HIPAA/HITECH privacy, security, and breach standards.

For Healthcare Practices and Business Associates


HITECH and HIPAA Compliance Consulting Service


Online Do-it-Yourself HIPAA/HITECH Assurance (HHA) Toolkit


Who is affected:

A covered entity or business associate is legally required to comply with the federal HIPAA/HITECH security, privacy, and breach rules and standards to protect individuals’ electronic protected health information (ePHI) that is created, received, used, or maintained. The HIPAA Privacy Rule establishes national standards to protect individuals’ medical records and other personal health information and applies to health plans, healthcare clearinghouses, business associates, and those health care providers that conduct certain health care transactions electronically. The Security Rule requires appropriate administrative, physical, and technical safeguards to ensure the confidentiality, integrity, and security of electronic protected health information. The Breach Rule covers the breach notification procedures introduced by the HITECH Act for unsecured protected health information.

What needs to be protected:

The privacy rule requires appropriate safeguards to protect the privacy of personal health information and sets limits and conditions on the uses and disclosures that may be made of such information without patient authorization. The Rule also gives patients rights over their health information, including rights to examine and obtain a copy of their health records and to request corrections. The HIPAA Security Rule lists 28 administrative safeguards, 12 physical safeguards, and 12 technical safeguards, along with specific organizational policy and procedural requirements. The breach rule guidance requires encryption and proper data disposal as technologies and methodologies for rendering protected health information as well as PHR identifiable health information unusable, unreadable, or indecipherable to unauthorized individuals, such that breach notification is not required.

Our HITECH HIPAA Compliance Assurance Services include:

EHR 2.0 HITECH and HIPAA compliance assurance services help healthcare organizations discover the gap areas based on the required and addressable requirements. Our privacy, security, and breach compliance assessments include all requirements listed in the act. Our HIPAA security assessment first identifies the 18 ePHI elements using our proprietary identification and profiling method for reasonable and appropriate protection of electronic protected health information.

  • Confidentiality: Limiting information access and disclosure to only authorized users (the right people)
  • Integrity: Trustworthiness of information resources (no inappropriate changes)
  • Availability: Availability of information resources (at the right time)


Our Major Deliverables Include:

– Information Security Policy
– Master Privacy Policy
– Unprotected PHI Data Breach Policy
– Notice of Privacy Practices

FAQ on HIPAA/HITECH Compliance Assurance for Covered Entities

FAQ on Business Associate Compliance Assurance

EHR 2.0 / HIPAA Consulting Services

