HIPAA Security Risk Assessments

The Health Insurance Portability and Accountability Act (HIPAA) was enacted to protect the privacy and security of sensitive patient health information. It is an organization’s responsibility to implement safeguards that ensure electronic protected health information (e-PHI) held by the organization is properly protected. LaSalle Consulting Partners has developed a HIPAA Risk Assessment Security Service that helps covered entities identify and implement the proper safeguards to protect (e-PHI) and to comply with the HIPAA regulations. The HIPAA Security Service consists of the following:

• A detailed HIPAA Security Risk Assessment
• 18 HIPAA Security Policy and Procedure Templates
• Online training covering HIPAA Security and Privacy, and compliance testing to all employees (Updated training materials are released annually in January)
• Dark Web scanning and monitoring
• Simulated phishing attacks
• Access to the HIPAA Breach Prevention Platform Portal (12-month subscription)

Our reviews help to identify some of the areas where a covered entity does not meet the Cybersecurity Program Best Practices as defined and released by the Department of Labor in April 2021. The risk assessment should also meet the DOL’s guideline to have a “Prudent Annual Risk Assessment.”