Health Insurance Portability and Accountability Act
Security Rule Gap Assessment
A HIPAA Security Rule Gap Assessment provides a review of an organization’s compliance with HIPAA’s Standards and Implementation specifications and how they are integrated into the organization’s ecosystem. Zephyr Global takes the time needed to thoroughly review each HIPAA Security standard and helps the organization document if and how well the standard is fulfilled. We are here to team up with your organization to assist you in knowing exactly where you stand with compliance and to fill any gas that may exist.
A HIPAA Privacy and Breach Notification Assessment provides organizations an organized approach to verify the established national standards to protect individuals’ medical records and other personal health information and applies to health plans, health care clearinghouses, and those health care providers that conduct certain health care transactions electronically. The Rule requires appropriate safeguards to protect the privacy of personal health information, and sets limits and conditions on the uses and disclosures that may be made of such information without patient authorization. The Rule also gives patients rights over their health information, including rights to examine and obtain a copy of their health records, and to request corrections. Zephyr Global’s process of verification uses the robust HIPAA Audit Protocols published with the rule.
Privacy and Breach Notification Assessment
Conducting a risk analysis is the first step in identifying and implementing safeguards that comply with and carry out the standards and implementation specifications in the Security Rule. Therefore, a risk analysis is foundational, and must be completed by all organizations that deal with patient data or any sensitive data for that matter. Zephyr Global has been performing RIsk Analysis for over 15 years. Our methods are used by many large firms and we take pride in our thoroughness and agility and look forward to assisting you with you Risk Analysis project. We follow the NIST guidelines as well as integrating some home-grown methods that we think only enhance our outcomes and risk understanding.