HIPAA Compliance Assessment

The Health Insurance Portability and Accountability Act (HIPAA) was passed by Congress in 1996 with the aim of requiring the protection and confidential handling of protected health information (PHI), both in paper and electronic forms (ePHI). The subsequent passing of the Health Information Technology for Economic and Clinical Health (HITECH) Act, which was enacted as part of the American Recovery and Reinvestment Act of 2009, modified the U.S. Department of Health and Human Service (HHS) Secretary's authority to impose civil money penalties for HIPAA violations. These HITECH Act revisions have significantly increased enforcement actions and the penalty amounts HHS may impose for violations of the HIPAA rules. These HIPAA rules are required for companies that store, process, or handle ePHI either as a covered entity or business associate.

Schneider Downs can assist your organization in meeting these rules by performing an independent HIPAA / HITECH gap analysis that will ensure that your organization has implemented the appropriate safeguards to protect the sensitive PHI and ePHI within your organization.

Detailed Approach to HIPAA Compliance

We begin our assessment by gaining and understanding of your business processes and taking an inventory of areas where PHI / ePHI are used or stored. We will work with and interview key individuals within the business and information technology services areas of your organization to understand information security policies, procedures, and practices. We will examine administrative, physical and technical safeguards that your organization has implemented to protect PHI / ePHI.

What makes the Schneider Downs process so effective is that our HIPAA compliance assessment is aligned with the HHS audit protocol. Using our deep understanding of the HHS' HIPAA Audit Protocol we perform a detailed review of policies and procedures adopted and employed by covered entities or business associates to meet the standards and implementation specifications of the Privacy, Security, and Breach Notification Rules.

Our ultimate goal is to assess your organization's compliance with the HIPAA rules, identify gaps and provide you with detailed recommendations to effectively close those gaps and ultimately protect ePHI / PHI. We will by provide your organization with a HIPAA compliance assessment report outlining all gaps along with a detailed roadmap to achieve ultimate compliance.

case studies

 
big problem:
Ransomware attack halted a global manufacturer's operations.
big thinking:
Recover and secure the system – fast – save $1 million in ransom.
 
big problem:
High tax burden for family-owned franchisor.
big thinking:
Comprehensive planning for a 15% tax reduction.

our thoughts on

Ransomware Still a Growing Problem for Organizations of All Sizes

While the concept of malware-based extortion has remained relatively unchanged since the first documented occurrence in 1989, attackers have spent the

read more >

Application to Receive Funding for On-Road and Class 8 Fleet Vehicle Projects in Pennsylvania Now Available!

As you know from our previous articles (Volkswagen Environmental Mitigation Trust Fund), Volkswagen is obligated to fund various environmental trusts for

read more >

Financial Fitness: Setting SMART Goals

This article was originally published in Wedgewood Life magazine and is reprinted with their permission. Happy New Year! As the calendar flips and a New

read more >

Good News Regarding Excess Business Losses For Your Pass-Through Construction Business

If you own a construction business, you know all too well that one or more bad contracts can make or break the financial results for the year. If you were

read more >

Financial Fitness - Are my personal finances on the right track?

This article was originally published in Wedgewood Life magazine and is reprinted with their permission. This is a frequently asked question by my clients

read more >

Have a question? Ask us!

We’d love to hear from you. Drop us a note, and we’ll respond to you as quickly as possible.

Ask us

contact us

Map of Pittsburgh Office
Pittsburgh

One PPG Place, Suite 1700
Pittsburgh, PA 15222

contactsd@schneiderdowns.com
p:412.261.3644     f:412.261.4876

Map of Columbus Office
Columbus

65 East State Street, Suite 2000
Columbus, OH 43215

contactsd@schneiderdowns.com
p:614.621.4060     f:614.621.4062

Map of Washington Office
Washington, D.C.

1660 International Drive, Suite 600
McLean, VA 22102