The Health Insurance Portability and Accountability Act (HIPAA) provides federal protections for personal health information, and sets compliance standards for entities that handle and use the information. CLA’s HIPAA risk assessment lays the foundation for developing and implementing administrative, technical, and physical controls to keep patient information secure.
What’s on your mind?
- Performing the required annual information technology risk assessment
- Complying with HIPAA standards
- Threats to the control environment
- Adequacy of current controls
Experience our client-focused approach
Our team consists of cybersecurity professionals who stay current on hacking techniques and the latest cyber crimes, and CPAs and consultants who understand health care industry regulations.
Our risk assessment process is based on guidelines defined in the National Institute of Standards and Technology Special Publication 800-30, Risk Management Guide for Information Technology Systems, which defines nine primary steps in analyzing risk:
- System characterization
- Threat identification
- Vulnerability identification
- Control analysis
- Likelihood determination
- Impact analysis
- Risk determination
- Control recommendations
- Results documentation
HIPAA risk services
Your HIPAA risk assessment will include a report on residual risks and gaps in your control environment, and recommendations on how to improve the management and security of your data and information technology.