security risk assessment

ABOUT US

CompliancePro SolutionsTM

was founded in 2010 to focus on

the growing need for technology

and services to address patient

privacyand security. Recent

federal and state regulations

have placed increasing demands

on all healthcare organizations,

not only to prevent breaches from

occurring, but also to properly

address them when they do

occur.

CompliancePro SolutionsTM was

founded by Kelly McLendon and

Paul Albrecht, who bring a

combination of world-class HIM

and privacy expertise, coupled

with a strong track record of

building industry leading IT

solutions for healthcare.

• MS-Excel based Assessment tool with automated, flexible scoring and both pull down and free text answers

• Flexibility to tailor your assessment by type of organization, Covered Entity (CE) or Business Associate (BA) and venue of care from inpatient to ambulatory (including physicians’ offices)

• Automated flagging of high and low priority security gaps and documentation of followup action items.

• Do it yourself, utilize one of our certified partners or engage CompliancePro SolutionsTM to perform your assessment

• Reference library available with policy, form and educational materials

ARRA / HITECH has created Meaningful Use criteria

required in order to receive incentive funding for certified

EHR system adoption. This criteria includes a requirement

for a HIPAA Security Risk Analysis*. CompliancePro

Solutions has created an easy to use tool that enables

healthcare organizations to accurately attest that a

security risk analysis has been performed.

* The actual meaningful use criteria language for both Eligible Providers and Hospitals

is: “Protect electronic health information created or maintained by the certified EHR

technology through the implementation of appropriate technical capabilities – Measures

– Conduct or review a security risk analysis per 45 CFR 164.308(a)(1) (HIPAA) and

implement security updates as necessary and correct identified security deficiencies as a

part of it’s risk management process

HHS has well defined, through the HIPAA Security Rule and various publications adopting NIST standards, the subject matter areas and content of security risk assessments. However, even though details have been published there is a wide latitude of possible questions to be asked, which tends to allow for more or less complicated assessments. Although each organization is required to answer or address each area in the assessment, the depth to which many of the criteria are evaluated is open to tailoring.

CompliancePro SolutionsTM has taken the many sources of information published by the government and created a flexible HIPAA security risk assessment program. This program can, like our privacy assessment program, be tailored to your organization, whether a CE or BA, inpatient or ambulatory (including physicians office) and performed by yourself, one of our certified partners or CompliancePro SolutionsTM.

A S O L U T I O N F O R Y O U R S E C U R I T Y R I S K A S S E S S M E N T N E E D S

CompliancePro SolutionsTM HIPAA Security Risk Assessment

CompliancePro SolutionsTM HIPAA Privacy &

Security Risk Assessment programs include:

Florida - East Coast OfficeChuck Pope772.260.6731cpope@emr-hit.comwww.emr-hit.com