The HIPAA Privacy and Security Rules apply to any organization that manages electronic protected health information, or ePHI. This includes medical practices, health plans, biotech firms, pharmacies, medical device manufacturers, and service providers.
Third-party validation of your HIPAA compliance is an important step in protecting your patients and business from a potential data breach. Focal Point's team of compliance, IT, and legal experts have helped dozens of healthcare and technology organizations achieve and maintain compliance with the HIPAA, HITECH, and Omnibus mandates.
Our HIPAA services will help your organization:
Focal Point provides HIPAA support to companies across the country, including some of the top healthcare providers, technology companies, and insurance providers. These companies have chosen Focal Point because of our unique combination of experience in both HIPAA privacy and security as well as our commitment to client service. In addition, Focal Point offers:
Data Security Capabilities – Focal Point has a robust cyber security practice with extensive experience performing vulnerability assessments, penetration testing, web application security testing, network hardening and source code analysis. These professionals are integrated into our HIPAA compliance teams when needed.
Thorough Risk Analysis – The risk analysis, a required component of HIPAA compliance, is key to understanding your full privacy risk universe. We have experience assessing against all major frameworks, including CobiT 5.0, NIST 800-30, NIST 800-66, ITIL V3.
Legal Expertise* – A number of our privacy experts join us from some of the leading privacy law firms in the nation. Their legal knowledge allows us to quickly interpret regulatory standards and provide valuable guidance to our clients. In addition, we also maintain relationships with major law firms across the United States as well as the FTC, US Trustee Office and OCR, to stay current with legal trends and regulatory changes in the privacy and data security space.
Self-Assessments for Small Providers – Focal Point's HIPAA Risk Advisor is a web-based tool that offers a cost-effective HIPAA Security Rule Risk and Gap Analysis for small and mid-sized medical practices. Read more at about HIPAA Risk Advisor.
Streamlined Audits – Having performed many successful HIPAA audits, our methodology is designed to make HIPAA compliance as simple, straightforward, and painless as possible. Our risk analysis, gap analysis, penetration testing, and policy and procedure development services work together to provide a single solution with minimal impact on business operations.
Focus on Long-term Value – We strive to deliver tailored solutions that provide long-term value to your organization. We provide advisory support to help our clients maintain sustainable HIPAA programs, reducing future costs and improving the efficiency of key processes.
Focal Point can assist with the creation of incident response procedures and an operational post-breach workflow. This workflow will help guide your organization through the required steps to ensure compliance with state breach notification laws, HITECH Act and other applicable privacy regulations.
Focal Point has helped many organizations develop, formalize and/or re-evaluate their HIPAA/HITECH policies and procedures to ensure they are meeting the needs of the organization and all regulatory requirements.
We provide cyber security services to ensure that PHI is secure from inappropriate access or disclosure. Our testing and assessment services include Information Security Assessments, Vulnerability Assessments, Penetration Testing, IT Risk Assessments, and other technical security assessments.
*Focal Point is not a law firm and does not provide legal advice.