Assess your compliance with HIPAA requirements through a comprehensive evaluation tailored to your specific needs.
As of September 23, 2013, compliance with HIPAA and HITECH standards will be mandatory for all applicable health care entities and their third-party vendors. Failure to comply with these standards could result in both civil and criminal penalties.
Do you know if you and your third-party vendors are HIPAA compliant? Contact us to find out!
To help answer that question Eyra Security provides health care organizations and their business associates with a series of HIPAA assessments that can, over time, result in comprehensive coverage and iterative improvement. Eyra follows the specific HIPAA and HITECH compliance points as the model for these assessments.
HIPAA Compliance with Eyra Security
Our HIPAA assessment focuses on regulations for companies who may or may not be facing an audit. During this engagement, we look at the following:
- Compliance is the bare minimum needed to protect sensitive data. The point-by-point assessment identifies Lean ways to meet HIPAA requirements so your business still retains the necessary resources for security.
- Policies and Procedures are reviewed as they document the controls current in use. Missing items are identified and critical procedures are verified to ensure they are functioning appropriately.
- Network Vulnerability involves scanning your network to identify the operating systems and applications in use. HIPAA requires that you give your critical systems sufficient attention and a network vulnerability assessment is a good way to way to do that. Older applications are a common vector in successful attacks, but these flaws can only be addressed if you know they exist.
- Strategy is perhaps the most critical security task, as well as the least used. We will compare your current compliance posture to a complete HIPAA roadmap and identify what you already have, what you still need and how to get there.
And, depending on the scope of your engagement, we also examine:
- Web Vulnerability focuses on the many common problems found in web applications, such as SQL injections looking to steal or alter data, scripting to exploit users or weak configurations.
- Data Analysis identifies the documents and databases an organization is storing and the risks resulting from possible data leakage. This analysis helps you determine ways to centralize storage and eliminate the unnecessary.
Schedule a call with Erya today to talk about how a HIPAA compliance security assessment could protect you and your organization.