A Mental Healthcare Organization and HIPAA Compliance

Executive Management asked Elliott Davis to help answer, "What is our compliance with HIPAA security compliance?"

Context

Wanted to gain a detailed understanding of:

• Applicable regulatory requirements (e.g. HIPAA, PCI, CCPA) including efforts/costs to achieve compliance
• Cybersecurity risks, including estimated remediation efforts/costs pre and post-close
• IT landscape from the perspective of people, process, and technology with estimated remediation and integration efforts/costs

Our Approach

• Detailed HIPAA Privacy and Security Due Diligence
• Detailed Cybersecurity Due Diligence
• Baseline Due Diligence
• Detailed IT Due Diligence

Customer Impact

• Received final report of threat risk for each asset that creates, stores, receives, or transmits ePHI
• Identified gaps associated with compliance with HIPAA Privacy Rule including roadmap to meet the Privacy Rule requirements.
• Understands overall cyber maturity and steps to improve the overall posture

We Can Help

For more information on this and other topics, contact a member of our team.

The information provided in this communication is of a general nature and should not be considered professional advice. You should not act upon the information provided without obtaining specific professional advice. The information above is subject to change.