Executive Management asked Elliott Davis to help answer, “What is our compliance with HIPAA security compliance?”

Context

Executive Management wanted to gain a detailed understanding of:

  • Applicable regulatory requirements (e.g. HIPAA, PCI, CCPA) including efforts/costs to achieve compliance
  • Cybersecurity risks, including estimated remediation efforts/costs pre- and post-close
  • IT landscape from the perspective of people, process, and technology with estimated remediation and integration efforts/costs

Our Approach

  • Detailed HIPAA Privacy and Security Due Diligence
  • Detailed Cybersecurity Due Diligence
  • Baseline Due Diligence
  • Detailed IT Due Diligence

Customer Impact

  • Received final report of threat risk for each asset that creates, stores, receives, or transmits ePHI
  • Identified gaps in compliance with the HIPAA Privacy Rule, including a roadmap to meet the Privacy Rule requirements
  • Gained an understanding of overall cyber maturity and steps to improve the overall posture
