A large regional hospital wanted to audit their infrastructure and make it HIPAA complaint.
Hospital higher authorities needed assurance that health information was protected against unauthorized access. The hospital needed to meet HIPAA and HITECH compliance requirements.
We have provided a HIPAA / HITECH Compliance and Security Audit. Which includes:
Administrative Safeguards - policies, procedures, plans, forms, security training, incident response, business continuity
Physical Safeguards - controls over access to data centers, cameras, EPHI
Technical Safeguards - firewalls, server configurations, network segmentation, anti-malware, logging, backups
We have submitted detailed report regarding several areas that needed improvement.
To meet compliance requirement we have provided them guidance regarding action plan, which includes steps having priorities to enhance security and protection of its assets.
- Compliance audit enhanced the hospital's security controls. Management has given assurance that systems and data are secure. EPHI (Electronic Protected Health Information) is protected from unauthorized access and alteration.