Our Services

You need full visibility into your highest risks, as well as actionable and practical plans for achieving compliance. We can help. We help organizations in identifying and implementing the most effective and appropriate administrative, physical, and technical safeguards to protect the confidentiality, integrity, and availability of electronic protected health information (“ePHI”).

Our HIPAA Security Rule Risk Analysis is designed to meet the requirements of 45 CFR § 164.308(a)(1)(ii)(A). Upon completion of the analysis, an organization will have a roadmap which it can use to efficiently and effectively allocate its resources in mitigating its risk exposure.

Our Assessment process includes

Identify

Software & hardware (“Assets”) used to create, store, and transmit ePHI

Map

Security Rule policies & procedures to HIPAA’s Administrative, Physical, and Technical safeguards and complete a data flow map of where ePHI is generated, transmitted, and stored

Label

Natural, human and environmental threats to ePHI being held

Discover

Technical & non-technical vulnerabilities that a threat may take advantage of to gain access to ePHI

Interview

HIPAA Security Officer and select team members to assess how the organization’s Security Rule policies and procedures are operationalized

Perform

Walk-through of the organization’s physical office to access physical security

Report

Findings of the assessment, a risk score for each Asset, and recommended remediation steps an organization could take to mitigate its risk exposure

Our Team

J. Ira Bedenbaugh

Managing Director

Will Boulware

CPC-A, CPMA. CHC
Manager

Carla Cullen

Manager

Case Studies

Additional Resources

COVID Business Continuity

HIPAA Changes for Telehealth and COVID-19

Mar 18th, 2020

As the Healthcare Industry deals with the emerging COVID-19 emergency, an effective way for providers to see patients who may have COVID-19, or to assess…
Read More

Article

Coronavirus Aid, Relief, and Economic…

Mar 30th, 2020

This document has been updated based upon additional guidance issued by the Center for Medicare and Medicaid Services (CMS) on March 29 and 30, 2020.…
Read More

Case Study

Healthcare Organization and Cybersecurity

May 17th, 2021

Executive Management asked Elliott Davis to help answer: “Is my electronic protected health information (ePHI) safe from cybercriminals and others that steal healthcare data?” Context…
Read More

Contact Our Team

  • By using the contact forms on our website, no professional relationship is established until you speak directly with an Elliott Davis professional to confirm such relationship. By submitting a message through our website forms, you agree that you have read and agree to the full terms and conditions of our website.