Created with Sketch.
  • Make a Payment
    • Breached?
    Contact us

    HIPAA Compliance Assessment

    Deliver sound risk management practices, internal control systems and compliance frameworks.

    The Health Insurance Portability and Accountability Act (HIPAA) was passed by Congress in 1996 with the aim of requiring the protection and confidential handling of protected health information (PHI), both in paper and electronic forms (ePHI).

    The subsequent passing of the Health Information Technology for Economic and Clinical Health (HITECH) Act, which was enacted as part of the American Recovery and Reinvestment Act of 2009, modified the U.S. Department of Health and Human Service (HHS) Secretary’s authority to impose civil money penalties for HIPAA violations. These HITECH Act revisions have significantly increased enforcement actions and the penalty amounts HHS may impose for violations of the HIPAA rules. These HIPAA rules are required for companies that store, process, or handle ePHI either as a covered entity or business associate.

    Schneider Downs can assist your organization in meeting these rules by performing an independent HIPAA / HITECH gap analysis that will ensure that your organization has implemented the appropriate safeguards to protect the sensitive PHI and ePHI within your organization.

    Detailed Approach of HIPAA Compliance

    We begin our assessment by gaining and understanding of your business processes and taking an inventory of areas where PHI / ePHI are used or stored. We will work with and interview key individuals within the business and information technology services areas of your organization to understand information security policies, procedures, and practices. We will examine administrative, physical and technical safeguards that your organization has implemented to protect PHI / ePHI.

    What makes the Schneider Downs process so effective is that our HIPAA compliance assessment is aligned with the HHS audit protocol. Using our deep understanding of the HHS’ HIPAA Audit Protocol we perform a detailed review of policies and procedures adopted and employed by covered entities or business associates to meet the standards and implementation specifications of the Privacy, Security, and Breach Notification Rules.

    Our ultimate goal is to assess your organization’s compliance with the HIPAA rules, identify gaps and provide you with detailed recommendations to effectively close those gaps and ultimately protect ePHI / PHI. We will by provide your organization with a HIPAA compliance assessment report outlining all gaps along with a detailed roadmap to achieve ultimate compliance.

    Our HIPAA compliance Assessment Process

    1. Identify use and storage of PHI/ePHI
    2. Understand policies, process and controls
    3. Evaluate controls and determine if gaps exist
    4. Produce detailed report with remediation steps

    About Schneider Downs IT Risk Advisory 

    Schneider Downs’ team of experienced risk advisory professionals focus on collaborating with your organization to identify and effectively mitigate risks. Our goal is to understand not only the risks related to potential loss to the organization but to drive solutions that add value to your organization and advise on opportunities to ensure minimal disruption to your business.  

    To learn more, visit our dedicated IT Risk Advisory page. 

    IT Risk Advisory Resources

    View our additional IT Risk Advisory services and capabilities

    Learn More
    Contact us
    Subscribe For Updates

    Receive all the latest insights and industry tips.

    This field is for validation purposes and should be left unchanged.
    Email us: [email protected]
    Follow Us:
    Facebook-f Linkedin-in

    Office Locations

    Pittsburgh

    One PPG Place,
    Suite 1700
    Pittsburgh, PA 15222

    p:
    412.261.3644
    f:
    412.261.4876
    Columbus

    65 East State Street,
    Suite 2000
    Columbus, OH 43215

    p:
    614.621.4060
    f:
    614.621.4062
    Metropolitan Washington

    1660 International Drive,
    Suite 600
    McLean, VA 22102

    p:
    571.380.9003

    Links

    Inside Public Accounting Best of the Best 2024
    Accounting Today Top 100 2024
    Accounting Today Regional Leaders
    Best Of Accounting Diamond Award

    Schneider Downs is a Top 60 independent Certified Public Accounting (CPA) firm providing accounting, tax, audit and business advisory services to public and private companies, not-for-profit organizations and global companies. We also offer Internal Audit; Technology Consulting; Software Solutions; Personal Financial Services; Retirement Plan Solutions and Corporate Finance Services. Schneider Downs is the 13th largest accounting firm in the Mid-Atlantic region and serves individuals and companies in Pennsylvania (PA), Ohio (OH), West Virginia (WV), New York (NY), Maryland (MD), and additional states in the United States with offices in Pittsburgh, PA, Columbus, OH, and McLean, VA.

    © 2024 Schneider Downs & Co., Inc. Maryland license number 35239.

    Breached?

    Every moment counts. For urgent requests, contact the Schneider Downs digital forensics and incident response team at 1-800-993-8937. For all other requests, please complete the form below.

    "*" indicates required fields

    This field is for validation purposes and should be left unchanged.