Security Risk Assessments

Security Risk Assessments

A Security Risk Assessment provides a comprehensive understanding of identified risks to sensitive organization and client data and provides specific steps and actions that should be taken to lower those risks.

HIPAA Security Risk Assessments

If your law firm is considered a Business Associate as defined by The Health Insurance Portability and Accountability Act (HIPAA), you are required to have a periodic risk assessment. HIPAA was enacted to protect the privacy and security of sensitive patient health information. It is an organization’s responsibility to implement safeguards that ensure electronic protected health information (e-PHI) held by the organization is properly protected. LaSalle Consulting Partners has developed a HIPAA Risk Assessment Security Service that helps covered entities identify and implement the proper safeguards to protect (e-PHI) and to comply with the HIPAA regulations. The HIPAA Security Service consists of the following:

  • A detailed HIPAA Security Risk Assessment
  • 18 HIPAA Security Policy and Procedure Templates
  • Online training covering HIPAA Security and Privacy, and compliance testing to all employees (Updated training materials are released annually in January)
  • Dark Web scanning and monitoring
  • Simulated phishing attacks
  • Access to the HIPAA Breach Prevention Platform Portal (12-month subscription)

Our reviews also help to identify some of the areas where a service provider does not meet the Cybersecurity Program Best Practices as defined and released by the Department of Labor in April 2021. The risk assessment should also meet the DOL’s guideline to have a “Prudent Annual Risk Assessment.”

Non-HIPAA Security Risk Assessments

We have also developed a Security Risk Assessment service for law firms that do not have HIPAA compliance requirements, but may have cybersecurity compliance requirements dictated by their clients.

Our reviews help to identify some of the areas where a law firm does not meet cybersecurity best practices. The Security Risk Assessment should also meet Insurance Carriers requirements for renewal of cybersecurity insurance.

Get the advantages of our industry and technical expertise today!

Call us at 312-361-3326 if you have questions or want to discuss your needs.